On Wednesday, March 11, 2020 12:20:38 PM EDT Reese, Brian J CTR (USA) wrote:
> Having the CBC mode ciphers enabled will trigger Nessus Plugin ID 70658:
>
> https://www.tenable.com/plugins/nessus/70658
>
> This was likely a factor in DISA's decision to remove them from the STIG.
> Older versions of the STIG (at least the RHEL 6 STIG) had the CBC modes
> enabled, but they were taken out at some point for reasons unrelated to
> FIPS 140-2.

Right. There was a vulnerability on RHEL 5 & 6 that was fixed. This is CVE-2008-5161. Fixed long ago.

-Steve

> On Wed, Mar 11, 2020, at 11:36 AM, Matěj Týč wrote:
> > One of the RHEL7 bugzillas [1] shows an interesting discrepancy between our
> > content and STIG:
> > * We feature [2] a rule "Use Only FIPS 140-2 Validated Ciphers"
> > * STIG has its own [3] "A FIPS 140-2 approved cryptographic algorithm
> >   must be used for SSH communications."
> >
> > There is a discrepancy between the two - while we claim that the
> > following ciphers are FIPS 140-2 certified on Red Hat Enterprise Linux
> > 7, only three of them are recognized as such by the STIG:
> > * aes128-ctr(STIG)
> > * aes192-ctr(STIG)
> > * aes256-ctr(STIG)
> > * aes128-cbc
> > * aes192-cbc
> > * aes256-cbc
> > * 3des-cbc
> > * rijndael-...@lysator.liu.se
> >
> > I have confirmed correctness of our description with our FIPS SME Tomas
> > Mraz (in CC), so this issue looks like a bug in STIG - either the
> > requirement is too strict, so it is incorrect, or it is supposed to be
> > strict, and it should therefore be reworded, and we need to create a
> > new rule in our content.
>
> Indeed, the STIG allows fewer ciphers than FIPS allows; the STIG currently
> says "If any ciphers other than "aes128-ctr", "aes192-ctr", or
> "aes256-ctr" are listed, the "Ciphers" keyword is missing, or the returned
> line is commented out, this is a finding." [4]
>
> Similarly, for the MACs allowed, "If any ciphers other than "hmac-sha2-256"
> or "hmac-sha2-512" are listed or the returned line is commented out, this
> is a finding." [5]
>
> More are permitted by FIPS than by SSH, but the STIG is FIPS compliant
> as-is, using a subset of the FIPS ciphers. From the Security Policy
> document for the certification [6],
>
> Only the following ciphers are allowed:
> - aes128-ctr
> - aes192-ctr
> - aes256-ctr
> - aes128-cbc
> - aes192-cbc
> - aes256-cbc
> - 3des-cbc
> - rijndael-...@lysator.liu.se
>
> Only the following message authentication codes are allowed:
> - hmac-sha1
> - hmac-sha2-256
> - hmac-sha2-512
> - hmac-sha1-...@openssh.com
> - hmac-sha2-256-...@openssh.com
> - hmac-sha2-512-...@openssh.com
>
> > What is the procedure in cases like this?
>
> I'd just configure the STIG subset of FIPS, and maybe ask DISA to add a
> clarification note to the STIG. Many folks are concerned about the
> FIPS-permitted 3DES algorithm [7], "3DES is deprecated for all new
> applications and usage is disallowed after 2023"
>
> V/r,
> James Cassell
>
> [4] https://vaulted.io/library/disa-stigs-srgs/red_hat_enterprise_linux_7_security_technical_implementation_guide/V-72221?version=V2R6
>
> [5] https://vaulted.io/library/disa-stigs-srgs/red_hat_enterprise_linux_7_security_technical_implementation_guide/V-72253?version=V2R6
>
> [6] https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3067.pdf
>
> [7] https://www.cryptomathic.com/news-events/blog/3des-is-officially-being-retired
>
> > References:
> >
> > [1]: https://bugzilla.redhat.com/show_bug.cgi?id=1781244
> >
> > [2]: https://static.open-scap.org/ssg-guides/ssg-rhel7-guide-stig.html#xccdf_org.ssgproject.content_rule_sshd_use_approved_ciphers
> >
> > [3]: https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2017-12-14/finding/V-72221
>
> _______________________________________________
> scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org
> To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedorahosted.org
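
The STIG-versus-FIPS distinction discussed in this thread can be checked mechanically. The following is an added example, not part of the original messages and not SCAP Security Guide code. The function names and the sample configuration are constructed for illustration, and the allow-lists contain only the algorithm names that appear in full in the thread. Treating an absent `MACs` keyword as a finding is an assumption, since the quoted STIG text names only the commented-out case for MACs.

```python
import re

# Allow-lists copied from the thread. Entries the archive shows truncated
# ("...@lysator.liu.se", "...@openssh.com") are deliberately left out.
STIG = {"ciphers": {"aes128-ctr", "aes192-ctr", "aes256-ctr"},
        "macs": {"hmac-sha2-256", "hmac-sha2-512"}}
FIPS = {"ciphers": STIG["ciphers"] | {"aes128-cbc", "aes192-cbc", "aes256-cbc", "3des-cbc"},
        "macs": STIG["macs"] | {"hmac-sha1"}}

# Constructed sample sshd_config fragment (not taken from a real host).
SAMPLE = """\
#Ciphers aes128-ctr
Ciphers aes256-ctr,aes128-cbc,3des-cbc
MACs hmac-sha2-512,hmac-sha2-256
"""

def effective_value(config_text, keyword):
    """Return the algorithm list sshd would use for keyword, or None.

    Keywords are case-insensitive, the first uncommented occurrence wins,
    and keyword and value may be separated by whitespace or a single '='.
    """
    for line in config_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # commented-out lines never count as configured
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) == 2 and parts[0].lower() == keyword:
            return [a for a in parts[1].split(",") if a]
    return None

def classify(kw, alg):
    """'stig' if the STIG allows it, 'fips-only' if only the Security Policy does."""
    if alg in STIG[kw]:
        return "stig"
    return "fips-only" if alg in FIPS[kw] else "other"

def audit(config_text):
    """Map keyword -> (is_stig_finding, {algorithm: class})."""
    report = {}
    for kw in ("ciphers", "macs"):
        algs = effective_value(config_text, kw)
        if algs is None:  # keyword missing or only present commented out
            report[kw] = (True, {})
            continue
        classes = {a: classify(kw, a) for a in algs}
        report[kw] = (any(c != "stig" for c in classes.values()), classes)
    return report

if __name__ == "__main__":
    for kw, (finding, classes) in audit(SAMPLE).items():
        print(kw, "FINDING" if finding else "ok", classes)
```

A value using a `+`, `-` or `^` modifier prefix is classed as `other` and reported as a finding, because the resulting algorithm set then depends on the server's defaults rather than on an explicit list.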