beautypg.com

Difference between ssl versions – Zilog EZ80F91AZA User Manual


UM020107-1211

Introduction

ZTP Network Security SSL Plug-In

User Manual


This user manual explains these concepts and offers a considerable amount of information
related to SSL configuration files. Careful modification of these configuration files will
alter the default behavior of the ZTP Network Security SSL Plug-In.

Difference Between SSL Versions

This section offers a brief summary of the differences between the multiple versions of the
SSL protocols supported by and relevant to the ZTP Network Security SSL Plug-In. This
material is not intended to be an explanation of the SSL handshake protocols.

SSL Version 2

SSL version 2 is the oldest and simplest of the SSL handshake protocols. The default set
of cipher suites defined in the SSLv2 specification (known as cipher specs in SSLv2) uses
RSA as the key exchange algorithm and MD5 as the digest algorithm. The default set of
ciphers supported in the SSLv2 specification is:

RC2

RC4

IDEA

DES

3DES

The ZTP Network Security SSL Plug-In does not support RC2 or IDEA.

One potential security flaw of the SSLv2 protocol is that it is susceptible to
man-in-the-middle attacks in which an attacker can trick the actual client and server into
using a relatively insecure cipher suite. This situation is possible because the SSLv2 client
has the final choice of the SSLv2 cipher suite used during the session. This choice is usually
based on the set of mutually supported cipher suites that the SSLv2 server returns in its
hello message.

However, these SSLv2 handshake messages are not protected; therefore, it is possible that
an attacker could intercept the server’s hello message and modify the list of mutually
supported ciphers so that just a single weak cipher remains. This modification can trick the
client into using a weaker cipher suite than it would ordinarily have chosen based on the
original message received from the server. The attacker then tries to determine the weak
cipher’s symmetric key to gain access to the encrypted data.

To overcome this problem, the SSLv3 and TLSv1 protocols maintain a running digest of
all SSL handshake messages used to establish a session. After the session is established,
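
The running-digest check described above, as an added example that is not part of the Zilog manual or the plug-in's code: each side hashes every handshake message it sends or receives, and a keyed check value over that digest is compared at the end, so a hello that was modified in transit no longer goes unnoticed. Assumptions: the message formats, the preference order, the shared secret and the use of HMAC-SHA-256 are constructed for illustration and do not reproduce the MD5/SHA-1 constructions that SSLv3 and TLSv1 actually use.

```python
import hashlib
import hmac

# Constructed preference order, strongest first, using ciphers from the page's list.
PREFERENCE = ["3DES", "RC4", "DES"]

class Endpoint:
    """One side of a simplified handshake that keeps a running digest."""
    def __init__(self):
        self.transcript = hashlib.sha256()

    def record(self, message: bytes) -> None:
        # Fold every handshake message, sent or received, into the digest.
        self.transcript.update(len(message).to_bytes(2, "big") + message)

    def finished(self, secret: bytes) -> bytes:
        # Keyed check value over the whole transcript, exchanged at the end.
        return hmac.new(secret, self.transcript.digest(), hashlib.sha256).digest()

def encode_hello(ciphers) -> bytes:
    return b"SERVER-HELLO:" + ",".join(ciphers).encode()

def choose_cipher(hello: bytes) -> str:
    offered = hello.split(b":", 1)[1].decode().split(",")
    return min(offered, key=PREFERENCE.index)  # strongest mutually supported

def strip_to_single_weak(hello: bytes) -> bytes:
    # Models the in-transit modification the text describes.
    return encode_hello(["DES"])

def handshake(server_ciphers, in_transit=None, secret=b"constructed-secret"):
    """Return (cipher the client chose, whether both transcript checks agree)."""
    client, server = Endpoint(), Endpoint()
    client_hello = b"CLIENT-HELLO:" + ",".join(PREFERENCE).encode()
    client.record(client_hello)
    server.record(client_hello)
    sent = encode_hello(server_ciphers)
    server.record(sent)                        # server hashes what it sent
    received = in_transit(sent) if in_transit else sent
    client.record(received)                    # client hashes what it received
    chosen = choose_cipher(received)
    agree = hmac.compare_digest(client.finished(secret), server.finished(secret))
    return chosen, agree

if __name__ == "__main__":
    print(handshake(PREFERENCE))                        # untouched hello
    print(handshake(PREFERENCE, strip_to_single_weak))  # modified hello
```

Without the final comparison, which is the SSLv2 situation, the client in the second run would simply proceed with the weak cipher; with it, the mismatch is the signal to abort the session.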
