Media Reports on RC4 Cipher

IDs: 
CVE-2013-2566
Keywords: 
RC4, NSA
Description: 

In November 2013, Jacob Appelbaum, an independent security researcher, tweeted that RC4 is broken and that the NSA is able to break the cipher in real time [1]. As a consequence, the subject was picked up by several media reports, and Microsoft published a security advisory and updates to disable RC4 in newer versions of Windows [2].

In March 2013, the team of Nadhem AlFardan, Dan Bernstein, Kenny Paterson, Bertram Poettering and Jacob Schuldt published an attack on RC4 encryption in SSL/TLS based on new statistical biases in the RC4 key table [3, 4]. It is not clear whether the current media reports are based solely on the results of this publication or on further unpublished information.
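The statistical weakness behind such attacks can be observed directly. The following is an added example, not code from this advisory or from Airlock: a plain RC4 implementation (key scheduling plus keystream generation) and a measurement of the best-known single-byte bias, the second keystream byte Z2 being 0 about twice as often as an ideal stream cipher would allow. The random keys are constructed here for the measurement; the only real data used is the public RC4 test vector for the key "Key".

```python
"""Added example (not from the Airlock advisory): measure the RC4 second-byte
keystream bias that underlies the statistical attacks on RC4 in TLS.
The RC4 implementation and the random key set are constructed for illustration."""
import random


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n keystream bytes of RC4 for the given key (KSA + PRGA)."""
    S = list(range(256))
    j = 0
    klen = len(key)
    for i in range(256):              # key-scheduling algorithm
        j = (j + S[i] + key[i % klen]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                # pseudo-random generation algorithm
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def measure_z2_zero_bias(num_keys: int, key_len: int = 16, seed: int = 1) -> dict:
    """Generate keystreams under num_keys random keys and count how often the
    second keystream byte Z2 equals 0. An ideal stream cipher gives about 1/256;
    RC4 gives about 1/128 (Mantin-Shamir bias). Because TLS encrypts the same
    plaintext positions under many fresh keys, such biases leak plaintext."""
    rng = random.Random(seed)         # seeded so the run is reproducible
    zeros = 0
    for _ in range(num_keys):
        key = bytes(rng.randrange(256) for _ in range(key_len))
        if rc4_keystream(key, 2)[1] == 0:
            zeros += 1
    observed = zeros / num_keys
    return {
        "num_keys": num_keys,
        "z2_zero": zeros,
        "observed": observed,
        "ideal": 1 / 256,
        "ratio_to_ideal": observed * 256,
    }


if __name__ == "__main__":
    r = measure_z2_zero_bias(20000)
    print(f"Z2 == 0 in {r['z2_zero']} of {r['num_keys']} keystreams "
          f"({r['observed']:.4f}, {r['ratio_to_ideal']:.2f}x the ideal 1/256)")
```

With 20000 random keys the ratio comes out close to 2, which is why disabling RC4 rather than tuning it is the only real mitigation: the bias is a property of the cipher, not of a particular key or implementation.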

Due to this unclear situation, we published the hot fix HF4218 for Airlock 4.2.6.x, which modifies the default SSL cipher suite. With the hot fix applied, all modern clients negotiate a non-RC4 SSL/TLS cipher. Furthermore, the cipher suite was optimized to provide forward secrecy where technically possible. Only certain old clients such as IE6 on XP, which are probably not patched against the practical BEAST attack [5], still negotiate an RC4 cipher for backward compatibility. A detailed analysis of the new SSL cipher suite introduced with HF4218 can be found in SSL Ciphersuite Configuration for External HTTPS Connections.
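The mechanism behind this outcome is the server's cipher preference order: with forward-secrecy suites first and RC4 last, a client that offers both gets a non-RC4 suite, while a client that offers nothing but RC4 can still connect. The following is an added example, not Airlock's code and not the contents of HF4218: it models server-preference negotiation over a constructed preference list (an assumption for this example, not the HF4218 list) and then audits constructed handshake records in a `client=... proto=... cipher=...` form to confirm which clients still end up on RC4. Cipher suite names are OpenSSL-style.

```python
"""Added example (not Airlock's code and not the contents of HF4218): models the
effect of a server-side cipher preference list that puts forward-secrecy suites
first and RC4 last, then audits constructed handshake records to confirm the
outcome. Cipher names are OpenSSL-style."""
import re
from collections import Counter

# OpenSSL key-exchange prefixes that provide forward secrecy.
_PFS_PREFIXES = ("ECDHE-", "DHE-", "EDH-")

# Constructed server preference order (an assumption for this example, not the
# HF4218 list): PFS AES first, then non-PFS AES/3DES, RC4 only as a last resort.
SERVER_PREFERENCE = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-SHA",
    "DHE-RSA-AES128-SHA",
    "AES128-SHA",
    "DES-CBC3-SHA",
    "RC4-SHA",
]


def classify_suite(name: str) -> dict:
    """Describe a suite by the two properties the advisory cares about."""
    return {"forward_secrecy": name.startswith(_PFS_PREFIXES), "rc4": "RC4" in name}


def negotiate(client_offer, server_preference=SERVER_PREFERENCE):
    """Server-preference negotiation: the first suite in the server's order
    that the client also offers wins; None means no common suite."""
    offered = set(client_offer)
    for suite in server_preference:
        if suite in offered:
            return suite
    return None


LOG_RE = re.compile(r"client=(?P<client>\S+)\s+proto=(?P<proto>\S+)\s+cipher=(?P<cipher>\S+)")


def audit_handshakes(lines):
    """Parse handshake records and label each one: 'pfs' (non-RC4 with forward
    secrecy), 'no-pfs' (non-RC4 without it) or 'rc4' (still on RC4; these are
    the clients to follow up on after the cipher suite change)."""
    findings, totals = [], Counter()
    for line in lines:
        m = LOG_RE.search(line)
        if m is None:
            continue  # malformed record: skipped rather than guessed
        info = classify_suite(m["cipher"])
        label = "rc4" if info["rc4"] else ("pfs" if info["forward_secrecy"] else "no-pfs")
        findings.append((m["client"], m["proto"], m["cipher"], label))
        totals[label] += 1
    return findings, totals


# Constructed sample records (not real Airlock log output).
SAMPLE_LOG = [
    "2013-11-20T10:01:02 client=203.0.113.10 proto=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256",
    "2013-11-20T10:01:05 client=203.0.113.11 proto=TLSv1 cipher=DHE-RSA-AES128-SHA",
    "2013-11-20T10:01:09 client=203.0.113.12 proto=TLSv1 cipher=AES128-SHA",
    "2013-11-20T10:01:12 client=203.0.113.13 proto=TLSv1 cipher=RC4-SHA",
    "garbage line without the expected fields",
]


if __name__ == "__main__":
    modern = ["RC4-SHA", "AES128-SHA", "ECDHE-RSA-AES128-GCM-SHA256"]
    rc4_only = ["RC4-MD5", "RC4-SHA"]        # constructed legacy client offer
    print("modern client gets:", negotiate(modern))
    print("RC4-only client gets:", negotiate(rc4_only))
    findings, totals = audit_handshakes(SAMPLE_LOG)
    for finding in findings:
        print(finding)
    print(dict(totals))
```

The audit deliberately does not decide which clients are "modern"; it reports who is still negotiating RC4 so that the operator can check whether those are indeed the expected legacy clients or a sign that the preference order is not being honoured.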

Resolution: 

Airlock protects back-end systems against SSL/TLS attacks by terminating the protocol.

Component: 
Airlock
Airlock Vulnerability Status: 
Airlock vulnerable, see resolution
Back-end Vulnerability Status: 
Does not affect back-end behind Airlock