List of SSL Ciphers and Protocols Supported By Eucalyptus API Endpoints and Eucalyptus Load Balancer

Follow

List of SSL Ciphers and Protocols Supported By Eucalyptus API Endpoints and Eucalyptus Load Balancers (ELB)

Eucalyptus Versions: All

Background

Due to the recent Eucalyptus Security Advisory regarding the POODLE Attack - ESA-28, there have been questions raised by the community regarding which SSL ciphers and protocols are utilized by the Eucalyptus API Endpoints (this also includes the User Facing Services APIs) and the Eucalyptus Load Balancer (ELB). This KB article will provide information regarding those SSL ciphers and protocols.

SSL Termination Endpoints

Currently, there are two endpoints that terminate SSL connections.  They are as follows:

  • Port 8443 - endpoint used to obtain credential information from CLC
  • Port 8773 - primary API endpoint provided by the CLC and UFS

Supported SSL Protocols

(Eucalyptus Versions: 4.0.2 and Earlier)

The list of supported SSL protocols is as follows:

  • SSLv3
  • SSLv2Hello
  • TLSv1
  • TLSv1.1
  • TLSv1.2

Note:  This is a non-configurable list.

(Eucalyptus Versions: 4.1+)

In version 4.1, SSLv3 is disabled by default due to the POODLE Attack.  The following cloud properties support the a default list of protocols, which can modified (via euca-modify-property) and require no restart of any cloud services:

Property Port Default Protocol Value
www.https_protocols 8443 SSLv2Hello, TLSv1, TLSv1.1 TLSv1.2
bootstrap.webservices.ssl.server_ssl_protocols 8773 SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2

Support Cipher Suites

Eucalyptus uses the default SunJSSE cipher suites.  For a full list of the supported ciphers, please reference the Java Cryptography Architecture Oracle Providers Documentation for Java Platform Standard Edition 7.

Eucalyptus Cipher Properties

(Eucalyptus Versions: 4.0.1, 4.0.2, and 4.1)

The following cloud properties have the default cipher suites:

Property Port Default Cipher Value
www.https_ciphers 8443 RSA:DSS:ECDSA:+RC4:+3DES:TLS_EMPTY_RENEGOTIATION_INFO_SCSV:!NULL:!EXPORT:!EXPORT1024:!MD5:!DES
bootstrap.webservices.ssl.server_ssl_ciphers 8773 RSA:DSS:ECDSA:+RC4:+3DES:TLS_EMPTY_RENEGOTIATION_INFO_SCSV:!NULL:!EXPORT:!EXPORT1024:!MD5:!DES

These cloud properties can be modified using euca-modify-property.  When modifying these properties, please keep in mind that the cipher properties follow a format that is similar to OpenSSL.  Below are rules that are used to construct the list of enabled cipher suites when the SSL context is created by the server:

Example format of the string:

RSA:DSS:ECDSA:+RC4:+3DES:TLS_EMPTY_RENEGOTIATION_INFO_SCSV:!NULL:!EXPORT:!EXPORT1024:!MD5:!DES
  • Each identifier is separated by the colon character - ":"
  • An identifier that does not start with TLS_ or SSL_, will match any cipher suite that has the identifier in it.
  • An identifier beginning with ! tells the system to disable that cipher suite
  • An identifier beginning with + tells the system to move that cipher suite to the end of the list of supported cipher suites.
  • An identifier composed of two strings with the '+' character, for example RSA+DSE, tells the system to enable the cipher suite that has both values in the cipher suite.
  • An identifier beginning with TLS_ or SSL_ needs to be a fully qualified cipher suite, for example: TLS_EMPTY_RENEGOTIATION_INFO_SCSV

Eucalyptus Load Balancer

The Eucalyptus Load Balancer (ELB) utilizes HAProxy to provide load balancing and SSL termination.  According to the HAProxy documentation, the list of protocols and cipher suites supported are based on what OpenSSL supports (based upon what HAProxy has been built with).  In Eucalyptus 4.0.0, and previous versions, there were no restrictions placed in the HAProxy configuration to disable certain protocols or cipher suites (however this can be done manually by creating a custom Eucalyptus Load Balancer image and using the 'ciphers' option in the HAProxy configuration file).  

In Eucalyptus 4.0.2, we specifically added the 'no-sslv3' flag when HTTPS/SSL ELB is launched.  At this time, it is not possible to adjust/modify the SSL configuration without creating a custom Eucalyptus Load Balancer image.  EUCA-9746 is being evaluated for a future release.  

Supported SSL Protocols and Ciphers Discovery for Eucalyptus Load Balancer

There are various methods and tools to use to observe what SSL protocols and ciphers are supported with a deployed Eucalyptus Load Balancer instance.  For example, if the example mentioned in the resource "Testing for Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection" where the Java JAR TestSSLServer is used to test against a Eucalyptus 4.0.2 HTTPS/SSL ELB, the following output would be returned:

$ java -jar Downloads/TestSSLServer.jar hasp-euca-elb-325271821652.eulb.future.euca-hasp.cs.prc.eucalyptus-systems.com 443
Supported versions: TLSv1.0 TLSv1.1 TLSv1.2
Deflate compression: no
Supported cipher suites (ORDER IS NOT SIGNIFICANT):
  TLSv1.0
     RSA_WITH_RC4_128_MD5
     RSA_WITH_RC4_128_SHA
     RSA_WITH_IDEA_CBC_SHA
     RSA_WITH_DES_CBC_SHA
     RSA_WITH_3DES_EDE_CBC_SHA
     DHE_RSA_WITH_DES_CBC_SHA
     DHE_RSA_WITH_3DES_EDE_CBC_SHA
     RSA_WITH_AES_128_CBC_SHA
     DHE_RSA_WITH_AES_128_CBC_SHA
     RSA_WITH_AES_256_CBC_SHA
     DHE_RSA_WITH_AES_256_CBC_SHA
     RSA_WITH_CAMELLIA_128_CBC_SHA
     DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
     RSA_WITH_CAMELLIA_256_CBC_SHA
     DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
     TLS_RSA_WITH_SEED_CBC_SHA
     TLS_DHE_RSA_WITH_SEED_CBC_SHA
     TLS_ECDHE_RSA_WITH_RC4_128_SHA
     TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  (TLSv1.1: idem)
  TLSv1.2
     RSA_WITH_RC4_128_MD5
     RSA_WITH_RC4_128_SHA
     RSA_WITH_IDEA_CBC_SHA
     RSA_WITH_DES_CBC_SHA
     RSA_WITH_3DES_EDE_CBC_SHA
     DHE_RSA_WITH_DES_CBC_SHA
     DHE_RSA_WITH_3DES_EDE_CBC_SHA
     RSA_WITH_AES_128_CBC_SHA
     DHE_RSA_WITH_AES_128_CBC_SHA
     RSA_WITH_AES_256_CBC_SHA
     DHE_RSA_WITH_AES_256_CBC_SHA
     RSA_WITH_AES_128_CBC_SHA256
     RSA_WITH_AES_256_CBC_SHA256
     RSA_WITH_CAMELLIA_128_CBC_SHA
     DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
     DHE_RSA_WITH_AES_128_CBC_SHA256
     DHE_RSA_WITH_AES_256_CBC_SHA256
     RSA_WITH_CAMELLIA_256_CBC_SHA
     DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
     TLS_RSA_WITH_SEED_CBC_SHA
     TLS_DHE_RSA_WITH_SEED_CBC_SHA
     TLS_RSA_WITH_AES_128_GCM_SHA256
     TLS_RSA_WITH_AES_256_GCM_SHA384
     TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
     TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
     TLS_ECDHE_RSA_WITH_RC4_128_SHA
     TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
     TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
----------------------
Server certificate(s):
  0295b423ed3cd6e13cf9599b11f6d716c3149384: EMAILADDRESS=harold.spencer.jr@dxc.com, CN=hasp-euca-elb.dev.eucalyptus-systems.com, OU=ELB Certificate, O=Honest CA, ST=California, C=US
----------------------
Minimal encryption strength:     medium encryption (56-bit)
Achievable encryption strength:  strong encryption (96-bit or more)
BEAST status: vulnerable
CRIME status: protected

As you can see, the various supported SSL ciphers are displayed, as well as the supported SSL protocols.  Notice how SSLv3 and SSLv2 are not displayed.  

Please refer to EUCA-9746 for more information regarding the ability to configure this option in the future.

Have more questions? Submit a request

Comments

Powered by Zendesk