21 January 2021

NSA shares guidance on replacing obsolete TLS protocols


NSA shares guidance on replacing obsolete TLS protocols

The National Security Agency (NSA) released recommendations designed to help organizations, network administrators and security analysts eliminate obsolete Transport Layer Security (TLS) protocol configurations, as network connections employing obsolete protocols are at an elevated risk of exploitation by malicious actors.

The NSA said that obsolete encryption provides “a false sense of security because it may look as though sensitive data is protected, even though it really is not” and all systems should block obsolete configurations for TLS and SSL protocols.

“NSA recommends that only TLS 1.2 or TLS 1.3 be used; and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used,” the agency said.

In case of TLS 1.2 and TLS 1.3, the NSA says these two protocols should not be configured with weak cryptographic parameters and cipher suites.

"Especially weak encryption algorithms in TLS 1.2 are designated as NULL, RC2, RC4, DES, IDEA, and TDES/3DES; cipher suites using these algorithms should not be used," the NSA warns. "TLS 1.3 removes these cipher suites, but implementations that support both TLS 1.3 and TLS 1.2 should be checked for obsolete cipher suites."

The guidance provides organizations with recommended TLS configurations and remediation steps for those who rely on obsolete configurations. Network administrators and security analysts can also learn how detect weak configurations, as well as necessary remediation steps:

  • First, identify clients offering and servers negotiating obsolete TLS versions. If a client offers, or a server negotiates SSL 2.0, SSL 3.0, or an obsolete TLS version, no further traffic analysis is required and remediation strategies should be employed.

  • Next, for sessions using TLS 1.2, analysts should identify and remediate devices using obsolete cipher suites. Identify clients only offering and servers negotiating obsolete TLS cipher suites and update their configurations to be compliant. Note for TLS 1.3, neither NIST nor CNSS identify cipher suites that must not be used – however, CNSA compliant configurations should be followed.

  • Finally, for sessions using TLS 1.2 or TLS 1.3 and recommended cipher suites, analysts should identify and remediate devices using weak key exchange methods.



Back to the list

Latest Posts

Vulnerability summary for the week: March 5, 2021

Vulnerability summary for the week: March 5, 2021

A weekly vulnerability digest.
5 March 2021
Microsoft shares details on three new malware strains used in SolarWinds hack

Microsoft shares details on three new malware strains used in SolarWinds hack

GoldMax, Sibot and GoldFinder were used by attackers to achieve persistence on the infected machines and perform actions post-compromise.
5 March 2021
Four notorious cybercrime forums hacked

Four notorious cybercrime forums hacked

The list of hacked crime forums includes Maza, Verified, Crdclub and Exploit.
5 March 2021