2

Until now I was only aware of Hynek Schlawack's blog post on hardening web server cyphers having a relatively short list of cyphers.

But recently I found How to fix 'logjam' vulnerability in Apache (httpd) which pointing to the much longer intermediate list from Mozilla Security: Server Side TLS.

The lists are quite different, so I wonder how to map between the two.

I split both so there one cypher per line making spotting differences easier:

https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/

ECDH+AESGCM
DH+AESGCM
ECDH+AES256
DH+AES256
ECDH+AES128
DH+AES
ECDH+3DES
DH+3DES
RSA+AESGCM

https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations

ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
DHE-RSA-AES128-GCM-SHA256
DHE-DSS-AES128-GCM-SHA256
kEDH+AESGCM
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
DHE-RSA-AES128-SHA256
DHE-RSA-AES128-SHA
DHE-DSS-AES128-SHA256
DHE-RSA-AES256-SHA256
DHE-DSS-AES256-SHA
DHE-RSA-AES256-SHA
AES128-GCM-SHA256
AES256-GCM-SHA384
AES128-SHA256
AES256-SHA256
AES128-SHA
AES256-SHA
AES
CAMELLIA
DES-CBC3-SHA
!aNULL
!eNULL
!EXPORT
!DES
!RC4
!MD5
!PSK
!aECDH
!EDH-DSS-DES-CBC3-SHA
!EDH-RSA-DES-CBC3-SHA
!KRB5-DES-CBC3-SHA
Community
  • 1
Jeroen Wiert Pluimers
  • 290

1 Answers1

4

If you put both of these specifications into openssl ciphers -V and compare you will find that:

  • 25 ciphers are contained in both sets.
  • The set from Mozilla contains 6 SRP (secure remote password) ciphers which are not supported by the browsers. It also contains 7 ciphers using CAMELIA. I don't know which browser supports these ciphers but according to SSLLabs none of the major desktop browsers offers it. The rest are DSS ciphers which you only need if you have a certificate using a DSA key. Usually certificates use RSA and sometimes ECDSA.
  • The set from Hynek includes instead some more RSA and ECDSA ciphers.

In my opinion the set from Hynek makes more sense, especially since the ciphers only in the set from Mozilla are usually not supported by either the browser or the servers certificate anyway.

Steffen Ullrich
  • 14,265