Degrading attacks on TLS/SSL Diffie-Hellman Ciphers (LogJam vulnerability)

Marijo Bartakovic · ‎05-22-2015

Dear Team,

would it be possible to help identifying which versions of the Cisco ESA (in specific I'm looking for the latest version 9.1.0-032) is vulnerable to this new logjam attack?

If yes, how can I implement the workaraound mentioned below on the ESA?

Server-side recommendation
If you are operating servers, you need to:
 Disable support for EXPORT cipher suites
 Use a unique (self-generated) Diffie-Hellman group with 2048 bits or higher
If you have not explicitly configured your own unique DH Group in the DH parameters option of the server software
in use, chances are high that you are using a known, shared DH Group. If so, you need to generate a new DH
Group, with at least 2048-bit. The following command does this using OpenSSL. For further environments see [2].
openssl dhparam -out dhparams.pem 2048
If you use SSH, you should upgrade both your server and client installations to the most recent versions which
prefers Elliptic-Curve Diffie-Hellman Key Exchange.[3]

Kind Regards,

Marijo

Matthias Geiser · ‎05-22-2015

Hi Marijo,

to disable support of weak ciphers you can use for example the following cipher list:
HIGH:-LOW:-MEDIUM:-SSLv2:-aNULL:@STRENGTH

Add this for outbound, inbound and https GUI at "sslconfig". And while you're at at, disable SSLv3.

I found that the ESA uses the following 1024 bit prime for the DH group:

f8d5cce87a3961b5f5cbc83440c51856e0e6fa6d5ab2831078c867621ca46ca8
7d7fa3b1af75b8343c699374d36920f2e39a653de8f0725aa6e2d2977537558c
e27e784f4b549befb558927ba30c8bd81dacdcae93027b5dce1bc17670af7dec
e81149abd7d632d9b80a6397cebcc7a9619ccf38288ea3d523287743b04e6fb3

I do not yet know if this is a common group widely used on internet devices or "just" for Cisco ESA.

I do not know if this group can be changed on the ESA.

Best regards, Matthias

Jens Roesen · ‎05-28-2015

Hi,

there is a bug listed for this issue:

https://tools.cisco.com/bugsearch/bug/CSCuu45226

Regards

Jens