Tuesday, July 22, 2014

Disabling weak ciphers at the Java Virtual Machine (JVM) level

Some cipher algorithms, such as MD2, MD5, SHA1 and RC4, are known to be weak and vulnerable. Leaving them enabled on production servers that handle highly sensitive data can pose a high security risk.



When your application runs on Apache Tomcat, you can disable a weak cipher by removing it from the ciphers list in catalina-server.xml.

Example

ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"

Let's say SSL_RSA_WITH_RC4_128_MD5 has been identified as a vulnerable weak cipher. You can simply remove it from the list and restart the server:


ciphers="SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"

Now let's say the server's cipher configuration is out of your control. A simple but effective solution is to disable the algorithm at the JVM level.

Since Java 1.7 there are two additional properties in $JRE_HOME/lib/security/java.security:


jdk.certpath.disabledAlgorithms=MD2

Controls algorithms for certification path building and validation.

jdk.tls.disabledAlgorithms=MD5, SHA1, RC4, RSA keySize < 1024

This JVM-wide algorithm restriction for SSL/TLS processing disables the ciphers listed there. The notation is self-explanatory: it is possible to disallow certain algorithms or to limit key sizes.

Note that both properties are supported in Oracle JRE 7, Open JRE 7 and IBM Java v7.
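To confirm that a given java.security file really carries these restrictions, the following Python check (an added example, not code from the original post) parses the file's text and reports which of the entries shown above are missing or set to a weaker key size. The function names, the baseline dictionary and the sample input are assumptions made for illustration; entries are compared exactly after whitespace normalisation, and only `<` and `<=` key size limits are understood.

```python
import re
# Baseline: the two property values shown in this post.
BASELINE = {
    "jdk.certpath.disabledAlgorithms": "MD2",
    "jdk.tls.disabledAlgorithms": "MD5, SHA1, RC4, RSA keySize < 1024",
}
KEYSIZE = re.compile(r"^(\S+) keySize (<=|<) (\d+)$")
# Constructed sample input, not a real java.security file.
SAMPLE = "jdk.certpath.disabledAlgorithms=MD2\njdk.tls.disabledAlgorithms=RC4, \\\n  RSA keySize<2048\n"

def parse_properties(text):
    """Read java.security-style text: comments, '\\' continuations, last value wins."""
    props, pending = {}, ""
    for raw in text.splitlines():
        line, pending = pending + raw.strip(), ""
        if not line or line[0] in "#!":
            continue
        if line.endswith("\\"):
            pending = line[:-1]
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def entries(value):
    """Split a disabledAlgorithms value into whitespace-normalised entries."""
    spaced = re.sub(r"(<=|<)", r" \1 ", value)
    return [" ".join(e.split()) for e in spaced.split(",") if e.strip()]

def covered(required, configured):
    """Present as-is, algorithm disabled outright, or an equal/stricter keySize limit."""
    m = KEYSIZE.match(required)
    if required in configured or not m:
        return required in configured
    # '< 1024' and '<= 1023' both reject every key below 1024 bits.
    bound = lambda k: int(k.group(3)) + (k.group(2) == "<=")
    return m.group(1) in configured or any(
        c and c.group(1) == m.group(1) and bound(c) >= bound(m)
        for c in map(KEYSIZE.match, configured))

def missing_entries(text):
    """Map each baseline property to the baseline entries the text does not cover."""
    props, report = parse_properties(text), {}
    for name, value in BASELINE.items():
        have = entries(props.get(name, ""))
        report[name] = [r for r in entries(value) if not covered(r, have)]
    return {name: gaps for name, gaps in report.items() if gaps}

if __name__ == "__main__": print(missing_entries(SAMPLE))
```

An empty result means every baseline entry is covered; in practice the text would be read from $JRE_HOME/lib/security/java.security.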


Further Reading