Deprecated CipherSpecs

Earlier, in the blog post Know your protocol, I wrote about how IBM MQ V8 FixPack 2 had deprecated all the SSL 3.0 CipherSpecs and turned them off by default.

Now in FixPack 3 a further set of CipherSpecs have been deprecated so that, by default, attempts to use them will result in an error. The additional CipherSpecs deprecated in FixPack 3 are those which use no encryption; the RC algorithms (RC2 and RC4); and single DES.

UPDATE: Now with APAR IV90867, which is targeted for IBM MQ V8 FixPack 6, a further set of CipherSpecs have been deprecated. The additional CipherSpecs deprecated in FixPack 6 are those which use the Triple DES algorithm.

UPDATE: Now with V9.1, a further two CipherSpecs have been deprecated. The additional CipherSpecs deprecated in V9.1 are those which use the TLS 1.0 protocol.

Whatever version of MQ you are currently using, you should consider this as a strong hint to look at your use of any of these CipherSpecs and change to a stronger one where possible.

CipherSpecs now deprecated in IBM MQ, highlighted column shows the reason for deprecation.
| CipherSpec Name | Protocol Used | Data Integrity | Encryption Algorithm | Encryption Bits | Added in | Deprecated in |
|---|---|---|---|---|---|---|
| AES_SHA_US | SSL 3.0 | SHA-1 | AES | 128 | V5.3 | V8 FixPack 2 |
| DES_SHA_EXPORT | SSL 3.0 | SHA-1 | DES | 56 | V5.3 | V8 FixPack 2 |
| DES_SHA_EXPORT1024 | SSL 3.0 | SHA-1 | DES | 56 | V5.3 | V8 FixPack 2 |
| FIPS_WITH_DES_CBC_SHA | SSL 3.0 | SHA-1 | DES | 56 | V6 | V8 FixPack 2 |
| FIPS_WITH_3DES_EDE_CBC_SHA | SSL 3.0 | SHA-1 | 3DES | 168 | V6 | V8 FixPack 2 |
| NULL_MD5 | SSL 3.0 | MD5 | None | 0 | V5.3 | V8 FixPack 2 |
| NULL_SHA | SSL 3.0 | SHA-1 | None | 0 | V5.3 | V8 FixPack 2 |
| RC2_MD5_EXPORT | SSL 3.0 | MD5 | RC2 | 40 | V5.3 | V8 FixPack 2 |
| RC4_MD5_EXPORT | SSL 3.0 | MD5 | RC4 | 40 | V5.3 | V8 FixPack 2 |
| RC4_MD5_US | SSL 3.0 | MD5 | RC4 | 128 | V5.3 | V8 FixPack 2 |
| RC4_SHA_US | SSL 3.0 | SHA-1 | RC4 | 128 | V5.3 | V8 FixPack 2 |
| RC4_56_SHA_EXPORT1024 | SSL 3.0 | SHA-1 | RC4 | 56 | V5.3 | V8 FixPack 2 |
| TRIPLE_DES_SHA_US | SSL 3.0 | SHA-1 | 3DES | 168 | V5.3 | V8 FixPack 2 |
| TLS_RSA_EXPORT_WITH_RC2_40_MD5 | TLS 1.0 | MD5 | RC2 | 40 | ? | V8 FixPack 3 |
| TLS_RSA_EXPORT_WITH_RC4_40_MD5 | TLS 1.0 | MD5 | RC4 | 40 | ? | V8 FixPack 3 |
| TLS_RSA_WITH_DES_CBC_SHA | TLS 1.0 | SHA-1 | DES | 56 | V6 | V8 FixPack 3 |
| TLS_RSA_WITH_NULL_MD5 | TLS 1.0 | MD5 | None | 0 | ? | V8 FixPack 3 |
| TLS_RSA_WITH_NULL_SHA | TLS 1.0 | SHA-1 | None | 0 | ? | V8 FixPack 3 |
| TLS_RSA_WITH_RC4_128_MD5 | TLS 1.0 | MD5 | RC4 | 128 | ? | V8 FixPack 3 |
| ECDHE_ECDSA_NULL_SHA256 | TLS 1.2 | SHA-1 | None | 0 | V7.1 | V8 FixPack 3 |
| ECDHE_ECDSA_RC4_128_SHA256 | TLS 1.2 | SHA-1 | RC4 | 128 | V7.1 | V8 FixPack 3 |
| ECDHE_RSA_NULL_SHA256 | TLS 1.2 | SHA-1 | None | 0 | V7.1 | V8 FixPack 3 |
| ECDHE_RSA_RC4_128_SHA256 | TLS 1.2 | SHA-1 | RC4 | 128 | V7.1 | V8 FixPack 3 |
| TLS_RSA_WITH_NULL_NULL | TLS 1.2 | None | None | 0 | ? | V8 FixPack 3 |
| TLS_RSA_WITH_NULL_SHA256 | TLS 1.2 | SHA-256 | None | 0 | V7.0.1 | V8 FixPack 3 |
| TLS_RSA_WITH_RC4_128_SHA256 | TLS 1.2 | SHA-1 | RC4 | 128 | ? | V8 FixPack 3 |
| TLS_RSA_WITH_3DES_EDE_CBC_SHA | TLS 1.0 | SHA-1 | 3DES | 168 | V6 | V8 FixPack 6 |
| ECDHE_ECDSA_3DES_EDE_CBC_SHA256 | TLS 1.2 | SHA-1 | 3DES | 168 | V7.1 | V8 FixPack 6 |
| ECDHE_RSA_3DES_EDE_CBC_SHA256 | TLS 1.2 | SHA-1 | 3DES | 168 | V7.1 | V8 FixPack 6 |
| TLS_RSA_WITH_AES_128_CBC_SHA | TLS 1.0 | SHA-1 | AES | 128 | V6 | V9.1 |
| TLS_RSA_WITH_AES_256_CBC_SHA | TLS 1.0 | SHA-1 | AES | 256 | V6 | V9.1 |

As an alternate way of thinking about it, you should be choosing a CipherSpec from the 17 listed in the following table, or moving to use the ANY* Alias CipherSpecs.

CipherSpecs still supported in IBM MQ. All of the TLS 1.2 entries are FIPS 140-2 certified, none of the TLS 1.3 entries are though.
| Platform | CipherSpec Name | Protocol Used | Data Integrity | Encryption Algorithm | Encryption Bits | Suite B | Added in |
|---|---|---|---|---|---|---|---|
| LUW | TLS_AES_128_GCM_SHA256 | TLS 1.3 | GCM | AES-128 with GCM | 128 | No | V9.1.4 |
| LUW | TLS_AES_256_GCM_SHA384 | TLS 1.3 | GCM | AES-256 with GCM | 256 | No | V9.1.4 |
| LUW | TLS_CHACHA20_POLY1305_SHA256 | TLS 1.3 | POLY1305 | CHACHA20 | 256 | No | V9.1.4 |
| LUW | TLS_AES_128_CCM_SHA256 | TLS 1.3 | CBC-MAC | AES-128 with CTR | 128 | No | V9.1.4 |
| LUW | TLS_AES_128_CCM_8_SHA256 | TLS 1.3 | CBC-MAC | AES-128 with CTR | 128 | No | V9.1.4 |
| All | TLS_RSA_WITH_AES_128_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 128 | No | V7 |
| All | TLS_RSA_WITH_AES_256_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 256 | No | V7 |
| All | TLS_RSA_WITH_AES_128_GCM_SHA256 | TLS 1.2 | AEAD AES-128 GCM | AES | 128 | No | V7.1 |
| All | TLS_RSA_WITH_AES_256_GCM_SHA384 | TLS 1.2 | AEAD AES-128 GCM | AES | 256 | No | V7.1 |
| All | ECDHE_ECDSA_AES_128_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 128 | No | V7.1 |
| All | ECDHE_ECDSA_AES_256_CBC_SHA384 | TLS 1.2 | SHA-384 | AES | 256 | No | V7.1 |
| LUW | ECDHE_ECDSA_AES_128_GCM_SHA256 | TLS 1.2 | AEAD AES-128 GCM | AES | 128 | 128 bit | V7.1 |
| LUW | ECDHE_ECDSA_AES_256_GCM_SHA384 | TLS 1.2 | AEAD AES-128 GCM | AES | 256 | 192 bit | V7.1 |
| All | ECDHE_RSA_AES_128_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 128 | No | V7.1 |
| All | ECDHE_RSA_AES_256_CBC_SHA384 | TLS 1.2 | SHA-384 | AES | 256 | No | V7.1 |
| All | ECDHE_RSA_AES_128_GCM_SHA256 | TLS 1.2 | AEAD AES-128 GCM | AES | 128 | No | V7.1 |
| All | ECDHE_RSA_AES_256_GCM_SHA384 | TLS 1.2 | AEAD AES-128 GCM | AES | 256 | No | V7.1 |

The table in Knowledge Center: Specifying CipherSpecs only shows the supported CipherSpecs and there is a separate page for the list of Deprecated CipherSpecs.

Re-enabling the deprecated CipherSpecs

Be aware that if you have re-enabled SSL V3.0 CipherSpecs at IBM MQ V8 FixPack 2, and you upgrade to FixPack 3, you will have further re-enabling to do. It is not sufficient simply to re-enable the SSL V3.0 protocol as you did with FixPack 2, you also have to specify the weak CipherSpec you wish to allow use of.

If the CipherSpec you wish to re-enable is an SSL V3.0 CipherSpec, one step you will need to do is re-enable the protocol. As detailed in Know your protocol, this is done by editing the qm.ini file:-

SSL:
   AllowSSLV3=Y

or setting the AMQ_SSL_V3_ENABLE=1 environment variable.

Additionally, to re-enable the specific CipherSpec, you can edit the qm.ini file to provide the name of the CipherSpec you wish to allow to be used:-

SSL:
   AllowWeakCipherSpec=TRIPLE_DES_SHA_US

or set the AMQ_SSL_WEAK_CIPHER_ENABLE=TRIPLE_DES_SHA_US environment variable.

This setting can be a list of CipherSpecs, or ‘All’ to turn them all back on.

Without these settings, use of a weak CipherSpec at define-time will result in:-

AMQ8242: SSLCIPH definition wrong.

and at run-time will result in an error message thus:-

-------------------------------------------------------------------------------
20/07/2015 17:42:26 - Process(6040.1) User(MUSR_MQADMIN3) Program(runmqchl.exe)
                      Host(GEM45) Installation(800FP3)
                      VRMF(8.0.0.3) QMgr(QM1)
                     
AMQ9674: The channel 'QM1.TO.QM2.SSL01' specified a weak or broken CipherSpec.

EXPLANATION:
The SSL or TLS channel 'QM1.TO.QM2.SSL01' is configured to use a weak or broken
CipherSpec 'TRIPLE_DES_SHA_US'. 

This error occurs when the channel has requested to use a CipherSpec that
utilizes cryptographic algorithms or protocols that are now considered to be
broken or weak. 

The channel did not start.
ACTION:
Ensure that the channel is configured to use a CipherSpec that uses a stronger
set of cryptographic algorithms or a stronger protocol. 

Alternatively, configure the queue manager to re-enable the weaker CipherSpec
'TRIPLE_DES_SHA_US' using the AMQ_SSL_WEAK_CIPHER_ENABLE environment variable,
or via the 'AllowWeakCipherSpec' attribute under the SSL stanza in the qm.ini
file. 
-------------------------------------------------------------------------------

Hopefully you won’t ever need to re-enable these old, weak CipherSpecs, but there’s always the chance that you have a channel that talks to an old version queue manager, and you’ll need one of these weaker CipherSpecs for that purpose. At least with this new re-enablement method you’ll only be allowing the one you need to be used, instead of opening them all up.
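An audit along the lines of the advice above, as an added example (not code from IBM or from the original post): it reads the output of the MQSC command DISPLAY CHANNEL(*) SSLCIPH together with qm.ini, reports which channels use a deprecated CipherSpec and at which level it was deprecated, which of those are not re-enabled, and which AllowWeakCipherSpec entries no channel needs. The function names and sample inputs are constructed for illustration; the AMQ_SSL_WEAK_CIPHER_ENABLE environment variable is not inspected, and matching 'All' case-insensitively is an assumption.

```python
import re
# Deprecated CipherSpecs transcribed from the table on this page, keyed by deprecating level.
DEPRECATED = {
    "V8 FixPack 2": "AES_SHA_US DES_SHA_EXPORT DES_SHA_EXPORT1024 FIPS_WITH_DES_CBC_SHA "
        "FIPS_WITH_3DES_EDE_CBC_SHA NULL_MD5 NULL_SHA RC2_MD5_EXPORT RC4_MD5_EXPORT "
        "RC4_MD5_US RC4_SHA_US RC4_56_SHA_EXPORT1024 TRIPLE_DES_SHA_US",
    "V8 FixPack 3": "TLS_RSA_EXPORT_WITH_RC2_40_MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5 "
        "TLS_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_NULL_MD5 TLS_RSA_WITH_NULL_SHA "
        "TLS_RSA_WITH_RC4_128_MD5 ECDHE_ECDSA_NULL_SHA256 ECDHE_ECDSA_RC4_128_SHA256 "
        "ECDHE_RSA_NULL_SHA256 ECDHE_RSA_RC4_128_SHA256 TLS_RSA_WITH_NULL_NULL "
        "TLS_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_RC4_128_SHA256",
    "V8 FixPack 6": "TLS_RSA_WITH_3DES_EDE_CBC_SHA ECDHE_ECDSA_3DES_EDE_CBC_SHA256 "
        "ECDHE_RSA_3DES_EDE_CBC_SHA256",
    "V9.1": "TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA",
}
LEVEL = {name: level for level, names in DEPRECATED.items() for name in names.split()}

def channel_ciphers(mqsc):
    """CHANNEL -> SSLCIPH from 'DISPLAY CHANNEL(*) SSLCIPH' output; blank SSLCIPH dropped."""
    pairs = re.findall(r"\bCHANNEL\(([^)*]+)\).*?\bSSLCIPH\(\s*([^)\s]*)\s*\)", mqsc, re.S)
    return {chan: spec for chan, spec in pairs if spec}

def weak_allowed(qm_ini):
    """Names in AllowWeakCipherSpec under the SSL: stanza, upper-cased ('All' -> 'ALL')."""
    stanza, names = None, set()
    for line in map(str.strip, qm_ini.splitlines()):
        if line.endswith(":") and line[0] not in "#;":
            stanza = line[:-1]
        elif stanza == "SSL" and line.startswith("AllowWeakCipherSpec="):
            names |= {n.strip().upper() for n in line.split("=", 1)[1].split(",") if n.strip()}
    return names

def audit(mqsc, qm_ini):
    """not_reenabled: the AMQ9674 case above; broader_than_needed: re-enabled but unused."""
    used = {ch: c for ch, c in channel_ciphers(mqsc).items() if c in LEVEL}
    allowed = weak_allowed(qm_ini)
    return {
        "deprecated": {ch: (c, LEVEL[c]) for ch, c in used.items()},
        "not_reenabled": sorted(ch for ch, c in used.items() if not {c, "ALL"} & allowed),
        "broader_than_needed": sorted(allowed - set(used.values())),
    }

# Constructed sample inputs, not taken from a real queue manager.
SAMPLE_INI = "SSL:\n   AllowSSLV3=Y\n   AllowWeakCipherSpec=TRIPLE_DES_SHA_US,RC4_MD5_US\n"
SAMPLE_MQSC = "".join(
    f"AMQ8414: Display Channel details.\n   CHANNEL({ch})  CHLTYPE(SDR)\n   SSLCIPH({spec})\n"
    for ch, spec in [("QM1.TO.QM2.SSL01", "TRIPLE_DES_SHA_US"),
                     ("QM1.TO.QM3", "TLS_RSA_WITH_RC4_128_MD5"),
                     ("QM1.TO.QM4", "ECDHE_RSA_AES_256_GCM_SHA384")])
```

Calling audit(SAMPLE_MQSC, SAMPLE_INI) flags QM1.TO.QM3 as not re-enabled and RC4_MD5_US as an allowance no channel uses; an 'All' setting always shows up in broader_than_needed.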


Morag Hughson is a Certified IBM MQ Specialist
IBM Certified System Administrator – MQ V8.0
Find her on: LinkedIn: http://uk.linkedin.com/in/moraghughson   Twitter: https://twitter.com/MoragHughson   SlideShare: http://www.slideshare.net/moraghughson

2 thoughts on “Deprecated CipherSpecs

    • Hi Peter,

      Not at all, you can have a comma separated list of the ones you want to re-enable or just use the word ‘All’ to re-enable all of them.

      Cheers
      Morag
