dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
8707
share rss forum feed


FF4m3

@rr.com

Check Your Browser's Encryption Preferences

Understanding a browser's crypto preferences:

The Distributed Computing & Security research team at the University of Hanover in Germany has implemented a browser encryption test page that analyses the way in which an HTTPS connection is established. One of the things it demonstrates is the accessing browser's preferred crypto technique.

The page also shows which TLS version is supported by the browser.


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
I take issue with that test showing which TLS version is "supported" by the browser.

Both Opera 12.14 and IE 10 support TLS 1.1 and I have it enabled on both browsers. However, both browsers used TLS 1.0 at that test. They obviously PREFER TLS 1.0 even though both SUPPORT TLS 1.1.

Fx 17 ESR and Opera 12.14 both prefer 256 bit encryption while IE 10 prefers 128 bit! That surprised me.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


norwegian
Premium
join:2005-02-15
Outback
said by Mele20:

Both Opera 12.14 and IE 10 support TLS 1.1 and I have it enabled on both browsers. However, both browsers used TLS 1.0 at that test. They obviously PREFER TLS 1.0 even though both SUPPORT TLS 1.1.

I noticed a strange thing with those results too. The test said Chrome preferred TLS 1.0 and supported TLS 1.1, but on allowing the site to run script, it changed to read TLS 1.1 and support TLS 1.0. Not sure how the test is reading the results but did notice that it was giving a varied result.

said by Mele20:

Fx 17 ESR and Opera 12.14 both prefer 256 bit encryption while IE 10 prefers 128 bit! That surprised me.

I thought you were talking Cisco there for a second, but then noted your reference to Microsoft.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5

1 recommendation

reply to FF4m3
Click for full size
Qualys Labs gives the site a B!! Downgraded because it does NOT mitigate the BEAST attack.


HA Nut
Premium
join:2004-05-13
USA
reply to FF4m3
For my sake and others that want to know where the SSL and TLS settings are located in each browser, is there a web page that details where those settings can be found (inside each browser) and what they should be currently set at? For IE, FF, Chrome and Safari. (I can find IE and FF but not Chrome. I don't run Safari as I have Windows.)

If no page, can someone here list the info??

OZO
Premium
join:2003-01-17
kudos:2
reply to FF4m3
Hmm, interesting. Chromium 26.0.1394.0 uses (in order of its preference) 8 256-bit ciphers, then 14 128-bit, etc. At the same time IE7 uses only 2 128-bit, then 4 56-bit, etc.

Thank you for the link to the test page.
--
Keep it simple, it'll become complex by itself...


therube

join:2004-11-11
Randallstown, MD
reply to FF4m3

evoxllx

join:2007-06-07
Winter Park, FL
reply to Mele20
said by Mele20:

Qualys Labs gives the site a B!! Downgraded because it does NOT mitigate the BEAST attack.

The BEAST attack is no longer a concern, every browser (except for Safari) implemented 1/n-1 record splitting long ago.

Ciphers should be one of the last concerns, the biggest issues today are proper implementation on websites and the fact that some sites don't use HTTPS at all.

That said, I'd prefer AES-GCM then RC4, while leaving CBC-mode ciphers as the very last option.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
Why do you say that one of the "biggest problems" is that some sites don't use HTTPS at all? HTTPS is NOT needed on sites except in certain instances, i.e. when you login, when banking although banking sites per se do not need HTTPS...again, only needed if you are actually banking not just perusing the site or doing something that not related specifically to your bank account or credit card.

I use Google Sharing with HTTPS disabled. I hate HTTPS except when absolutely needed. I detest so called idiotic "private" browsing mode on browsers and NEVER have used it. It is stupid.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson

evoxllx

join:2007-06-07
Winter Park, FL
said by Mele20:

Why do you say that one of the "biggest problems" is that some sites don't use HTTPS at all? HTTPS is NOT needed on sites except in certain instances, i.e. when you login, when banking although banking sites per se do not need HTTPS...again, only needed if you are actually banking not just perusing the site or doing something that not related specifically to your bank account or credit card.

I use Google Sharing with HTTPS disabled. I hate HTTPS except when absolutely needed. I detest so called idiotic "private" browsing mode on browsers and NEVER have used it. It is stupid.

sslstrip will make quick work of any sites not deploying HTTPS properly.

Only making the POST on a login form go over HTTPS is almost entirely pointless, as sslstrip can just change the https to http.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
said by evoxllx:

sslstrip will make quick work of any sites not deploying HTTPS properly.

Only making the POST on a login form go over HTTPS is almost entirely pointless, as sslstrip can just change the https to http.

I am not worried about my banks login pages. Nothing else needs HTTPS except a site where you are inputting credit card info for a purchase.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson

evoxllx

join:2007-06-07
Winter Park, FL
said by Mele20:

said by evoxllx:

sslstrip will make quick work of any sites not deploying HTTPS properly.

Only making the POST on a login form go over HTTPS is almost entirely pointless, as sslstrip can just change the https to http.

I am not worried about my banks login pages. Nothing else needs HTTPS except a site where you are inputting credit card info for a purchase.

sslstrip can turn those pages into http as well, if the entire site isn't HTTPS.

Here's a good video you should take a look at.

»www.youtube.com/watch?v=LBbCec4Bp10

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
Some banks put their entire site behind HTTPS. Others, you have find the secure login (like with Chase) and then everything after you login on a secure login page (NOT the login page on Chase.com) is HTTPS.

I watched a little of the video but it is too long to watch all of it and the volume is bad (can't wait to get a Creative Z card for this computer). He mentioned the gold color on the address bar...it is a pet peeve of mine that Fx doesn't even do this anymore.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


Juggernaut
Irreverent or irrelevant?
Premium
join:2006-09-05
Kelowna, BC
kudos:2
Hmm, I have different results on FF 3.6.28.



Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
They've changed it! That is good. I stopped going to the main site back when Chase was asking the user to login on an INsecure page and had hidden the secure login page by burying it in a very obscure section of the site. A lot of banks did that at the time. Before Chase did that, it had its entire site behind HTTPS, then suddenly it didn't, and now it does again.

When Chase changed it to insecure, we had a thread about it here and about the other banks that were doing it too to try and save some money. The banks claimed it was safe to login on a non secure page...bah! I called Chase internet support after they did it and I told the tech that I disapproved strongly in forcing users to login on an insecure page. I told him that I spent 1/2 hour searching the Chase site for the encrypted logon page that I figured was still there somewhere. I told him I had found it. He said "You found it? Really? We've been looking all day for it. Where is it on the site?"

I am glad to see that Chase got some sense again.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


Juggernaut
Irreverent or irrelevant?
Premium
join:2006-09-05
Kelowna, BC
kudos:2
Glad to hear it's fixed now. Enjoy.


Dude111
An Awesome Dude
Premium
join:2003-08-04
USA
kudos:13
reply to Mele20

 

Interesting that IE10 only supports 128bit (Same as IE6) -- What does IE7,8 and 9 support??

evoxllx

join:2007-06-07
Winter Park, FL
reply to FF4m3

Re: Check Your Browser's Encryption Preferences

For those using outdated browsers, crypto should be the least of your worries. Your browser has so many other issues crypto and non-crypto related, that ciphers are irrelevant.

OZO
Premium
join:2003-01-17
kudos:2
reply to Dude111

Re:  

Here is what IE7 supports:
Cipher Suites Supported by Your Browser (ordered by preference):
 
Spec     Cipher Suite Name          Key Size  Description
(00,     04)RSA-RC4128-MD5          128 Bit   Key exchange: RSA, encryption: RC4, MAC: MD5.
(00,05)  RSA-RC4128-SHA             128 Bit   Key exchange: RSA, encryption: RC4, MAC: SHA1.
(00,0a)  RSA-3DES-EDE-SHA            56 Bit   Key exchange: RSA, encryption: 3DES, MAC: SHA1.
(00,09)  RSA-DES-SHA                 56 Bit   Key exchange: RSA, encryption: DES, MAC: SHA1.
(00,64)  RSA-EXPORT1024-RC456-SHA    56 Bit   Key exchange: RSA, encryption: RC4, MAC: SHA1.
(00,62)  RSA-EXPORT1024-DES-SHA      56 Bit   Key exchange: RSA, encryption: DES, MAC: SHA1.
(00,03)  RSA-EXPORT-RC440-MD5        40 Bit   Key exchange: RSA, encryption: RC4, MAC: MD5.
(00,06)  RSA-EXPORT-RC2-CBC40-MD5    40 Bit   Key exchange: RSA, encryption: RC2, MAC: MD5.
(00,13)  DHE-DSS-3DES-EDE-SHA1       68 Bit   Key exchange: DH, encryption: 3DES, MAC: SHA1.
(00,12)  DHE-DSS-DES-SHA             56 Bit   Key exchange: DH, encryption: DES, MAC: SHA1.
(00,63)  DHE-DSS-EXPORT1024-DES-SHA  56 Bit   Key exchange: DH, encryption: DES, MAC: SHA1.
 
Further information:
 
User-Agent:                Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
Preferred SSL/TLS version: TLSv1
SNI information:           Your browser did not send SNI information.
SSL stack current time:    Sat, 30 Mar 2013 19:29:10
 
This connection uses TLSv1 with RC4-SHA and a 128 Bit key for encryption.
 
Raw:
 
Version: 3.1 
Ciphers: 04,05,0a,09,64,62,03,06,13,12,63
Extensions: None
Remote Time: 1364668150
 

--
Keep it simple, it'll become complex by itself...

OZO
Premium
join:2003-01-17
kudos:2
And for the sake of comparison, this is latest Iron:
Cipher Suites Supported by Your Browser (ordered by preference):
 
SpecCipher Suite NameKey SizeDescription
Spec     Cipher Suite Name          Key Size  Description
(c0,14)  ECDHE-RSA-AES256-SHA       256 Bit   Key exchange: ECDH, encryption: AES, MAC: SHA1.
(00,88)  DHE-RSA-CAMELLIA256-SHA    256 Bit   Key exchange: DH, encryption: Camellia, MAC: SHA1.
(00,87)  DHE-DSS-CAMELLIA256-SHA    256 Bit   Key exchange: DH, encryption: Camellia, MAC: SHA1.
(00,39)  DHE-RSA-AES256-SHA         256 Bit   Key exchange: DH, encryption: AES, MAC: SHA1.
(00,38)  DHE-DSS-AES256-SHA         256 Bit   Key exchange: DH, encryption: AES, MAC: SHA1.
(c0,0f)  ECDH-RSA-AES256-SHA        256 Bit   Key exchange: ECDH, encryption: AES, MAC: SHA1.
(00,84)  RSA-CAMELLIA256-SHA        256 Bit   Key exchange: RSA, encryption: Camellia, MAC: SHA1.
(00,35)  RSA-AES256-SHA             256 Bit   Key exchange: RSA, encryption: AES, MAC: SHA1.
(c0,11)  ECDHE-RSA-RC4128-SHA       128 Bit   Key exchange: ECDH, encryption: RC4, MAC: SHA1.
(c0,13)  ECDHE-RSA-AES128-SHA       128 Bit   Key exchange: ECDH, encryption: AES, MAC: SHA1.
(00,45)  DHE-RSA-CAMELLIA128-SHA    128 Bit   Key exchange: DH, encryption: Camellia, MAC: SHA1.
(00,44)  DHE-DSS-CAMELLIA128-SHA    128 Bit   Key exchange: DH, encryption: Camellia, MAC: SHA1.
(00,66)  DHE-DSS-RC4128-SHA         128 Bit   Key exchange: DH, encryption: RC4, MAC: SHA1.
(00,33)  DHE-RSA-AES128-SHA         128 Bit   Key exchange: DH, encryption: AES, MAC: SHA1.
(00,32)  DHE-DSS-AES128-SHA         128 Bit   Key exchange: DH, encryption: AES, MAC: SHA1.
(c0,0c)  ECDH-RSA-RC4128-SHA        128 Bit   Key exchange: ECDH, encryption: RC4, MAC: SHA1.
(c0,0e)  ECDH-RSA-AES128-SHA        128 Bit   Key exchange: ECDH, encryption: AES, MAC: SHA1.
(00,96)  RSA-SEED-SHA               128 Bit   Key exchange: RSA, encryption: seed, MAC: SHA1.
(00,41)  RSA-CAMELLIA128-SHA        128 Bit   Key exchange: RSA, encryption: Camellia, MAC: SHA1.
(00,05)  RSA-RC4128-SHA             128 Bit   Key exchange: RSA, encryption: RC4, MAC: SHA1.
(00,04)  RSA-RC4128-MD5             128 Bit   Key exchange: RSA, encryption: RC4, MAC: MD5.
(00,2f)  RSA-AES128-SHA             128 Bit   Key exchange: RSA, encryption: AES, MAC: SHA1.
(c0,12)  ECDHE-RSA-3DES-EDE-SHA     168 Bit   Key exchange: ECDH, encryption: 3DES, MAC: SHA1.
(00,16)  DHE-RSA-3DES-EDE-SHA       168 Bit   Key exchange: DH, encryption: 3DES, MAC: SHA1.
(00,13)  DHE-DSS-3DES-EDE-SHA       168 Bit   Key exchange: DH, encryption: 3DES, MAC: SHA1.
(c0,0d)  ECDH-RSA-3DES-EDE-SHA      168 Bit   Key exchange: ECDH, encryption: 3DES, MAC: SHA1.
(fe,ff)  RSA-FIPS-3DES-EDE-SHA      168 Bit   Key exchange: RSA, encryption: 3DES, MAC: SHA1.
(00,0a)  RSA-3DES-EDE-SHA            56 Bit   Key exchange: RSA, encryption: 3DES, MAC: SHA1.
 
Further information:
 
User-Agent:                Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.22 (KHTML, like Gecko) Iron/25.0.1400.0
                           Chrome/25.0.1400.0 Safari/537.22
Preferred SSL/TLS version: TLSv1
SNI information:           cc.dcsec.uni-hannover.de
SSL stack current time:    Sat, 30 Mar 2013 19:45:09
 
This connection uses TLSv1.1 with DHE-RSA-CAMELLIA256-SHA and a 256 Bit key for encryption.
 
Raw:
 
Version: 3.1
Ciphers:     c014,88,87,39,38,c00f,84,35,c011,c013,45,44,66,33,32,c00c,c00e,96,41,05,04,2f,c012,16,13,c00d,feff,0a
Extensions:  0000,ff01,000a,000b,0023,3374,0005
Remote Time: 1364669109
 

--
Keep it simple, it'll become complex by itself...

evoxllx

join:2007-06-07
Winter Park, FL
reply to Dude111
said by Dude111:

Interesting that IE10 only supports 128bit (Same as IE6) -- What does IE7,8 and 9 support??

The version of IE is irrelevant since IE relies on SChannel.

AFAIK, Windows XP doesn't support any AES ciphers, so you're effectively stuck with RC4 and 3DES on any version of IE when using Windows XP.

Windows Vista and higher supports AES in 128-bit and 256-bit.

The most accurate way to determine which ciphers are supported is to have Wireshark running and look at the ClientHello for each browser when going to an HTTPS site.


therube

join:2004-11-11
Randallstown, MD
Reviews:
·Comcast
·Verizon Online DSL

2 edits
reply to evoxllx

Re: Check Your Browser's Encryption Preferences

said by evoxllx:

Here's a good video you should take a look at.

Very interesting, thanks.

(not an end-all, but ...)

Q: What's HTTPS and why is that important for NoScript users?

Q: What can NoScript do against HTTPS cookie hijacking?

Best Practices for Sensitive Sites

Rojo

join:2009-04-14
New York, NY
kudos:1
reply to Mele20
said by Mele20:

...I told him that I spent 1/2 hour searching the Chase site for the encrypted logon page that I figured was still there somewhere. I told him I had found it. He said "You found it? Really? We've been looking all day for it. Where is it on the site?"

I am glad to see that Chase got some sense again.

I too hated the fact that the Chase login page was http.

One day years ago after making a login mistake I noticed the error page telling me to try again was https.

Got a brainstorm and bookmarked that page.
Been using it as my encrypted login page ever since


kickass69

join:2002-06-03
Lake Hopatcong, NJ
reply to Mele20
Question remains why isn't TLS 1.2 in Firefox and why isn't that the standard by now for TLS?


therube

join:2004-11-11
Randallstown, MD
> Question remains why isn't TLS 1.2 in Firefox

»Re: Check Your Browser's Encryption Preferences

evoxllx

join:2007-06-07
Winter Park, FL

1 edit
reply to kickass69
said by kickass69:

Question remains why isn't TLS 1.2 in Firefox and why isn't that the standard by now for TLS?

Firefox and Chrome should be getting it soon, since patches for it have been sent up to NSS.

The main reason it hasn't been widely adopted is due to broken network devices and broken servers. Many broken devices and servers freak out and start dropping TCP connections if they see a higher version of TLS than 1.0.

This is exactly the reason why TLS 1.1 and 1.2 are supported by Opera and IE (SChannel), but are disabled by default.

Safari (iOS 5+) added support for TLS 1.2 (enabled by default), and it triggered a lot of problems due to those broken devices and servers.

I think it's time to disregard these broken devices and servers, much like everyone did for the 1/n-1 record splitting BEAST fix, which broke compatibility with a number of buggy servers.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
Why would Fx be getting TLS 1.2 "soon" when it doesn't even have TLS 1.1?


norwegian
Premium
join:2005-02-15
Outback
evoxllx's mention of TSL 1.0 and web pages is requite relevant, since all the uproar over the inherent weaknesses discovered, not many sites will work on anything more than ver 1.0 still.
If the browsers and web pages at large fix this, then I think it a positive jump forward, be that next week or next quarter.

evoxllx

join:2007-06-07
Winter Park, FL

1 edit
reply to Mele20
said by Mele20:

Why would Fx be getting TLS 1.2 "soon" when it doesn't even have TLS 1.1?

Firefox is always slow to to enable new crypto features and fixes. They were actually the *last* browser to patch against the BEAST attack, with the exception of Safari, which never patched it at all.

The major security benefit of TLS 1.1, the explicit CBC IVs, was retrofitted to previous versions in the form of 1/n-1 record splitting.

The major point for TLS 1.2 right now is AES-GCM, since that will allow people to get away from both RC4 and CBC mode ciphers.

said by norwegian:

evoxllx's mention of TSL 1.0 and web pages is requite relevant, since all the uproar over the inherent weaknesses discovered, not many sites will work on anything more than ver 1.0 still.
If the browsers and web pages at large fix this, then I think it a positive jump forward, be that next week or next quarter.

TLS 1.1-1.2 support is on the rise for servers, it can be seen on sslpulse.

»www.trustworthyinternet.org/ssl-pulse/

Over 22,000 sites support TLS 1.2 now, many big sites as well.