Having the CBC mode ciphers enabled will trigger Nessus Plugin ID 70658: https://www.tenable.com/plugins/nessus/70658
This was likely a factor in DISA's decision to remove them from the STIG. Older versions of the STIG (at least the RHEL 6 STIG) had the CBC modes enabled, but they were taken out at some point for reasons unrelated to FIPS 140-2. On Wed, Mar 11, 2020, at 11:36 AM, Matěj Týč wrote: > One of RHEL7 bugzillas [1] shows an interesting discrepancy between our > content and STIG: > > * We feature [2] a rule "Use Only FIPS 140-2 Validated Ciphers" > * STIG has its own [3] "A FIPS 140-2 approved cryptographic algorithm > must be used for SSH communications." > There is a discrepancy between the two - while we claim that the > following ciphers are FIPS 140-2 certified on Red Hat Enterprise Linux > 7, only three of them are recognized as such by the STIG: > > * aes128-ctr(STIG) > * aes192-ctr(STIG) > * aes256-ctr(STIG) > * aes128-cb > * aes192-cbc > * aes256-cbc > * 3des-cbc > * rijndael-...@lysator.liu.se > I have confirmed correctness of our description with our FIPS SME Tomas > Mraz (in CC), so this issue looks as a bug in STIG - either the > requirement is too strict, so it is incorrect, or it is supposed to be > strict, and it should therefore be reworded, and we need to create a > new rule in our content. > Indeed, the STIG allows fewer ciphers than FIPS allows; the STIG currently says "If any ciphers other than "aes128-ctr", "aes192-ctr", or "aes256-ctr" are listed, the "Ciphers" keyword is missing, or the returned line is commented out, this is a finding." [4] Similarly, for the MACs allowed, "If any ciphers other than "hmac-sha2-256" or "hmac-sha2-512" are listed or the returned line is commented out, this is a finding." [5] More are permitted by FIPS than by SSH, but the STIG is FIPS compliant as-is, using a subset of the FIPS ciphers. From the Security Policy document for the certification [6], Only the following ciphers are allowed: - aes128-ctr - aes192-ctr - aes256-ctr - aes128-cbc - aes192-cbc - aes256-cbc - 3des-cbc - rijndael-...@lysator.liu.se Only the following message authentication codes are allowed: - hmac-sha1 - hmac-sha2-256 - hmac-sha2-512 - hmac-sha1-...@openssh.com - hmac-sha2-256-...@openssh.com - hmac-sha2-512-...@openssh.com > What is the procedure in cases like this? > I'd just configure the STIG subset of FIPS, and maybe ask DISA to add a clarification note to the STIG. Many folks are concerned about the FIPS-permitted 3DES algorithm [7], "3DES is deprecated for all new applications and usage is disallowed after 2023" V/r, James Cassell [4] Caution-https://vaulted.io/library/disa-stigs-srgs/red_hat_enterprise_linux_7_security_technical_implementation_guide/V-72221?version=V2R6 [5] Caution-https://vaulted.io/library/disa-stigs-srgs/red_hat_enterprise_linux_7_security_technical_implementation_guide/V-72253?version=V2R6 [6] Caution-https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3067.pdf [7] Caution-https://www.cryptomathic.com/news-events/blog/3des-is-officially-being-retired > References: > > > > [1]: Caution-https://bugzilla.redhat.com/show_bug.cgi?id=1781244 > > [2]: > > Caution-https://static.open-scap.org/ssg-guides/ssg-rhel7-guide-stig.html#xccdf_org.ssgproject.content_rule_sshd_use_approved_ciphers > > [3]: > Caution-https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2017-12-14/finding/V-72221 > _______________________________________________ scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org Fedora Code of Conduct: Caution-https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: Caution-https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: Caution-https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedorahosted.org
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedorahosted.org
