20160826 - Sweet32 attack

An attack recently published by INRIA researchers makes block ciphers with 64-bit blocks vulnerable: once enough data has been encrypted under the same key in CBC mode (on the order of 2^32 blocks, i.e. tens of gigabytes), the birthday bound makes collisions between ciphertext blocks likely enough for an attacker to recover parts of the plaintext, such as a session cookie. The Sweet32 attack affects 3DES and Blowfish, which are enabled by default in OpenSSL and OpenVPN respectively. We strongly recommend disabling them.
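To see why the block size, rather than the key size, is what matters here, the following added example (not code from the original page) evaluates the standard birthday approximation P(collision) ≈ 1 - exp(-n(n-1) / 2^(b+1)) for n encrypted blocks of b bits, and inverts it to get the amount of traffic after which a collision becomes likely. The numbers are an idealised estimate, not measurements from the INRIA paper.

```python
"""Birthday-bound estimate behind Sweet32.

Added example, not code from the original page or from TBS Certificates.
The formula is the textbook birthday approximation; it assumes CBC mode,
a single key for the whole connection and uniformly distributed ciphertext
blocks, which is the idealised setting of the attack.
"""
import math


def collision_probability(n_blocks, block_bits):
    """Probability that at least two of n_blocks ciphertext blocks collide
    when the block cipher has block_bits-bit blocks."""
    exponent = -n_blocks * (n_blocks - 1) / 2 ** (block_bits + 1)
    return -math.expm1(exponent)  # 1 - exp(exponent), accurate for small values


def bytes_for_probability(p, block_bits):
    """Bytes that must be encrypted under one key before the collision
    probability reaches p (inverse of the approximation above)."""
    n_blocks = math.sqrt(-2 * 2 ** block_bits * math.log1p(-p))
    return n_blocks * block_bits / 8


if __name__ == "__main__":
    # 2^32 blocks of a 64-bit cipher is 32 GiB of traffic: already a ~39% chance
    print("64-bit blocks, 2^32 blocks (32 GiB):",
          round(collision_probability(2 ** 32, 64), 3))
    for bits in (64, 128):
        gib = bytes_for_probability(0.5, bits) / 2 ** 30
        print(f"{bits}-bit blocks: 50% collision chance after {gib:.3g} GiB")
```

With 64-bit blocks (3DES, Blowfish) the 50% mark is reached after roughly 40 GB, which is reachable on a long-lived HTTPS or VPN connection; with 128-bit blocks (AES) the same point is around 10^20 bytes, which is why switching to AES is the fix rather than a longer key.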

Server-side mitigation

You can read our per-server recommendations for each platform that allows cipher selection. Here is some platform-specific information:

  • For OpenSSL-based platforms (Apache, Nginx, Lighttpd, etc.), with the next updates of the 1.0.1 and 1.0.2 branches, 3DES will be removed from the HIGH preset but will still be present in the DEFAULT preset. It will be removed in the new 1.1.0 branch. In the meantime you can exclude it manually by adding "!3DES" to your cipher list.
  • On Windows Server, 3DES can be disabled through the Schannel registry settings: under HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers, the "Triple DES 168" key with the DWORD value Enabled set to 0, followed by a reboot.
  • For the specific case of IIS6, an official patch allows you to enable AES. You can then disable 3DES.

It is also important to note that cipher order matters: removing 3DES is only effective if the remaining suites are ordered with AES first and the server is configured to enforce its own preference order, otherwise a client that lists a weak suite first can still get it negotiated.
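The steps above for OpenSSL-based servers can be checked before touching a production configuration. The following added example (not code from the original page or from TBS Certificates) feeds a candidate cipher string to the system OpenSSL through Python's ssl module, lists the suites that would actually be negotiable, flags those whose bulk cipher still has a 64-bit block, and shows the server-side preference order. The cipher strings used are illustrative, not a recommended policy, and the script assumes a CPython build linked against OpenSSL (for ssl.SSLContext.get_ciphers, Python 3.6 or later).

```python
"""Check an OpenSSL cipher string for Sweet32-exposed suites and inspect its order.

Added example, not code from the original page or from TBS Certificates.
Assumes CPython linked against OpenSSL; cipher strings are illustrative only.
"""
import ssl

# OpenSSL describes the bulk cipher of a suite as e.g. "Enc=3DES(168)".
# 3DES, single DES and IDEA all use 64-bit blocks and are in scope for Sweet32.
SIXTY_FOUR_BIT_BLOCK_MARKERS = ("Enc=3DES", "Enc=DES(", "Enc=IDEA")


def negotiable_ciphers(cipher_string):
    """Suites OpenSSL would actually offer for cipher_string, in preference order.

    Raises ssl.SSLError if the string matches nothing (e.g. a typo'd policy).
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    # Equivalent of Apache's SSLHonorCipherOrder / Nginx's ssl_prefer_server_ciphers:
    # the server's order, not the client's, decides the negotiated suite.
    ctx.options |= ssl.OP_CIPHER_SERVER_PREFERENCE
    ctx.set_ciphers(cipher_string)
    return ctx.get_ciphers()


def sweet32_exposed(cipher_string):
    """Names of the suites in cipher_string whose bulk cipher has a 64-bit block."""
    return [c["name"] for c in negotiable_ciphers(cipher_string)
            if any(m in c["description"] for m in SIXTY_FOUR_BIT_BLOCK_MARKERS)]


def tls12_order(cipher_string):
    """TLS 1.2 (and older) suite names in server preference order.

    OpenSSL 1.1.1+ always lists the TLS 1.3 suites (TLS_AES_..., never 3DES)
    first regardless of the cipher string, so they are left out here.
    """
    return [c["name"] for c in negotiable_ciphers(cipher_string)
            if not c["name"].startswith("TLS_")]


if __name__ == "__main__":
    # Constructed policies: the library default, and the same with 64-bit block ciphers excluded.
    for policy in ("DEFAULT", "DEFAULT:!3DES:!IDEA"):
        exposed = sweet32_exposed(policy)
        print(f"{policy!r}: {exposed or 'no 64-bit block ciphers'}")
    # Order in the string is the order the server prefers when it honors its own list.
    print(tls12_order("ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"))
```

On an OpenSSL build where 3DES is still compiled in, the DEFAULT line lists suites such as DES-CBC3-SHA and ECDHE-RSA-DES-CBC3-SHA, and the "!3DES" line lists none; on 1.1.0 and later, where 3DES is off by default, both lines are empty, which is the expected state after the update mentioned above.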

Client-side mitigation

Most browsers only use 3DES as a last resort: it sits at the end of the cipher suite list they offer, so a server that prefers AES will never negotiate it. No update is necessary if your browser already supports AES. We have published a list of online tests that let you evaluate your browser's capabilities.

Specific cases:

  • Although Firefox already prioritizes safe algorithms, Mozilla is working on adding a limit on the amount of data sent over a single TLS connection in Firefox, to limit this attack and similar ones in the future.
  • Internet Explorer clients on Windows Server 2003 and Windows XP do not use safer algorithms like AES by default. Two patches are necessary: KB948963 and MS12-006. Other browsers that do not use Microsoft's cryptographic APIs, like Firefox, are not affected.

Additional resources