Friday, December 23, 2011

SSL Server Anonymous Authentication Vulnerability

The Secure Socket Layer (SSL) protocol allows for secure communication between a client and a server. The client usually authenticates the server using an algorithm like RSA or DSS. Some SSL ciphers allow SSL communication without authentication. Most common Web browsers like Microsoft Internet Explorer, Netscape and Mozilla do not use anonymous authentication ciphers by default.
A vulnerability exists in SSL communications when clients are allowed to connect using no authentication algorithm. SSL client-server communication may use several different types of authentication: RSA, Diffie-Hellman, DSS or none. When 'none' is used, the communications are vulnerable to a man-in-the-middle attack.
Below are the ways to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll, from Microsoft support.
Both SSL 3.0 and TLS 1.0 provide options to use different cipher suites. Each cipher suite determines the key exchange, authentication, encryption, and MAC algorithms used within an SSL/TLS session. Note that when you use RSA as both the key exchange and authentication algorithm, the term RSA appears only once in the corresponding cipher suite definitions.
The following Crypto Service Providers (CSPs) included with Windows NT 4.0 Service Pack 6 have been awarded the certificates for FIPS-140-1 crypto validation:
·  Microsoft Base Cryptographic Provider (Rsabase.dll)
·  Microsoft Enhanced Cryptographic Provider (Rsaenh.dll) [non-export version]
Microsoft TLS/SSL Security Provider, the Schannel.dll file, uses the CSPs listed above to conduct secure communications over SSL or TLS in its support for Microsoft Internet Explorer and Internet Information Server (IIS).

You can modify the Schannel.dll file to support Cipher Suite 1 and 2, but the program must also support Cipher Suite 1 and 2. Cipher Suite 1 and 2 are not supported in IIS 4.0 and 5.0.

This article from Microsoft provides the necessary information to configure the Windows NT 4.0 Service Pack 6 and later TLS/SSL Security Provider. You can use the Windows registry to control the use of specific SSL 3.0 or TLS 1.0 cipher suites with respect to the cryptographic algorithms supported by the Microsoft Base or Enhanced Cryptographic Provider.

Cipher Suites
SSL 3.0 when you use the Microsoft Base or Enhanced Cryptographic Provider:

{ 0x00,0x03 }
{ 0x00,0x04 }
{ 0x00,0x05 }
{ 0x00,0x06 }
{ 0x00,0x09 }
{ 0x00,0x0A }
{ 0x00,0x62 }
{ 0x00,0x64 }

TLS 1.0 when using Microsoft Base or Enhanced Cryptographic Provider:

{ 0x00,0x03 }
{ 0x00,0x04 }
{ 0x00,0x05 }
{ 0x00,0x06 }
{ 0x00,0x09 }
{ 0x00,0x0A }
{ 0x00,0x62 }
{ 0x00,0x64 }

Schannel Specific Registry Keys
Start Registry Editor (Regedt32.exe), and locate the following key in the registry.
SCHANNEL\Protocols Subkey
To enable the use of the protocols that will not be negotiated by default (such as TLS 1.1 or TLS 1.2), change the DWORD value data of the DisabledByDefault value to 0x0 in each of the following registry keys under the Protocols key:
·  SCHANNEL\Protocols\TLS 1.1\Client
·  SCHANNEL\Protocols\TLS 1.1\Server
·  SCHANNEL\Protocols\TLS 1.2\Client
·  SCHANNEL\Protocols\TLS 1.2\Server

SCHANNEL\Ciphers Subkey
The Ciphers registry key under the SCHANNEL key is used to control the use of symmetric algorithms such as DES or RC4. The following are valid registry keys under the Ciphers key.