Hi Steve,
Thanks for the reply. Do you have any idea how CBC ciphers can be disabled?
Regards,
Alok


On Tue, Nov 12, 2013 at 8:23 PM, Dr. Stephen Henson <st...@openssl.org> wrote:

> On Tue, Nov 12, 2013, Alok Sharma wrote:
>
> > One of the OpenSSL vulnerabilities is:
> >
> > CVE-2013-0169:
> >
> >   The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used
> > in OpenSSL, do not properly consider timing side-channel attacks on a MAC
> > check requirement during the processing of malformed CBC padding, which
> > allows remote attackers to conduct distinguishing attacks and
> > plaintext-recovery attacks via statistical analysis of timing data for
> > crafted packets, aka the "Lucky Thirteen" issue.
> >
> >   All versions of OpenSSL are affected including 1.0.1c, 1.0.0j and 0.9.8x
> >
> >   Affected users should upgrade to OpenSSL 1.0.1d, 1.0.0k or 0.9.8y
> >
> > We use the DTLS 1.0 protocol.
> >
> > Does anyone know of any setting in openssl configuration that can be
> > tweaked to mitigate this vulnerability? E.g. a setting to not allow use of
> > algorithms with CBC etc.?
> >
>
> The vulnerability is addressed in the latest OpenSSL releases.
>
> If you disable CBC ciphers then you're only left with GCM and RC4. RC4 can't
> be used with DTLS and GCM is only supported in DTLS 1.2.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
>
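
Added example, not part of the original thread and not OpenSSL code: it works through the point in Steve's reply, that once CBC suites are excluded nothing remains that can be negotiated over DTLS 1.0. The listing is constructed in the format printed by `openssl ciphers -v`; the function names and the rule that suites marked TLSv1.2 need DTLS 1.2 are assumptions of this example.

```python
# Constructed sample in the format of `openssl ciphers -v` (not captured from a host).
SAMPLE = """\
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
AES256-GCM-SHA384       TLSv1.2 Kx=RSA  Au=RSA Enc=AESGCM(256) Mac=AEAD
AES128-SHA256           TLSv1.2 Kx=RSA  Au=RSA Enc=AES(128)  Mac=SHA256
DHE-RSA-AES256-SHA      SSLv3 Kx=DH   Au=RSA Enc=AES(256)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA  Au=RSA Enc=AES(128)  Mac=SHA1
DES-CBC3-SHA            SSLv3 Kx=RSA  Au=RSA Enc=3DES(168) Mac=SHA1
RC4-SHA                 SSLv3 Kx=RSA  Au=RSA Enc=RC4(128)  Mac=SHA1
"""

def parse(listing):
    """Yield (name, proto, enc, mac) for each suite line in the listing."""
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) < 6:
            continue  # skip blank or malformed lines
        kv = dict(f.split("=", 1) for f in fields[2:] if "=" in f)
        yield fields[0], fields[1], kv.get("Enc", ""), kv.get("Mac", "")

def mode(enc, mac):
    """Classify a suite: AEAD (GCM), RC4 stream, null, or block cipher in CBC mode."""
    if mac == "AEAD":
        return "aead"
    if enc.startswith("RC4"):
        return "stream"
    if enc.startswith("None"):
        return "null"
    return "cbc"  # block cipher with a separate HMAC, the Lucky Thirteen case

def usable(listing, dtls_version, allow_cbc):
    """Names of suites negotiable for the given DTLS version under the CBC policy."""
    out = []
    for name, proto, enc, mac in parse(listing):
        m = mode(enc, mac)
        if m in ("stream", "null"):
            continue  # RC4 can't be used with DTLS; null suites excluded by policy
        if proto == "TLSv1.2" and dtls_version != "1.2":
            continue  # assumption: TLSv1.2-only suites (incl. GCM) need DTLS 1.2
        if m == "cbc" and not allow_cbc:
            continue
        out.append(name)
    return out

if __name__ == "__main__":
    for version in ("1.0", "1.2"):
        for allow in (True, False):
            print(version, "CBC allowed" if allow else "CBC disabled",
                  usable(SAMPLE, version, allow))
```

With CBC disabled the DTLS 1.0 list comes back empty, so on that protocol version the upgrade named in the advisory is the remaining option rather than a cipher-string change.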
