mac os x safari ssl cipher suite

Eric Cronin ecronin at gizmolabs.org
Sat Aug 12 14:03:36 EDT 2006


On Aug 11, 2006, at 10:26 AM, Joe Cooley wrote:

> I recently inspected ssl packets from the following apps:
>
> firefox 1.5.0.6
> safari 2.0.4 (419.3)
> curl 7.15.4 with OpenSSL/0.9.7i
>
> I found that they list the following cipher suites during the client
> hello handshake protocol:
>
> (snippets from ethereal -V output...)
<snip>
> Safari only seems to support DES, 3DES, and RC4 ciphers.  My question
> is this: should I be concerned about privacy when *_RC4_* is the
> negotiated suite, i.e., in my tests, safari used
> TLS_RSA_WITH_RC4_128_SHA?  Firefox and curl used
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA.

RC4 when used correctly (which I believe it is in TLS) should not  
concern you much.  What should concern you, however, is that Apple  
has chosen to include a testing/debug NULL cipher in their production  
(and completely unmodifiable w/o recompiling System.framework)  
cipherlist:

> Cipher Suite: TLS_RSA_WITH_NULL_MD5 (0x0001)

This means that a malicious server can negotiate Safari into using no  
encryption at all, while still providing all the GUI feedback of a  
secure SSL connection...

For fun, fire off this command and visit localhost:4433 from both  
firefox and safari, and look at the packet dumps in ethereal (use any  
snakeoil server.* you have handy):

/usr/local/bin/openssl s_server -cert server.crt -key server.key -www  
-cipher 'AES:TLSv1:ALL:NULL:!RC4-SHA:!RC4-MD5:!DES-CBC3-SHA:!DES-CBC- 
SHA:!EXP-RC4-MD5:!EXP-DES-CBC-SHA:!EXP-RC2-CBC-MD5'

I filed a bug with Apple on this back in February, I encourage others  
to do so as well at http://radar.apple.com.  Ask them to include the  
AES ciphers while you're at it, it's only been 5 years or so since it  
was standardized...

Thanks,
Eric
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 478 bytes
Desc: This is a digitally signed message part
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20060812/05c4ba5e/attachment.pgp>


More information about the cryptography mailing list