Deprecated CipherSpecs

Earlier, in the blog post Know your protocol, I wrote about how IBM MQ V8 FixPack 2 had deprecated all the SSL 3.0 CipherSpecs and turned them off by default.

Now in FixPack 3 a further set of CipherSpecs have been deprecated so that, by default, attempts to use them will result in an error. The additional CipherSpecs deprecated in FixPack 3 are those which use no encryption, the RC algorithms (RC2 and RC4), and single DES.

UPDATE: Now with APAR IV90867, which is targeted for IBM MQ V8 FixPack 6, a further set of CipherSpecs have been deprecated. The additional CipherSpecs deprecated in FixPack 6 are those which use the Triple DES algorithm.

Whether you are currently on IBM MQ V8 at any of these FixPacks or not, you should consider this as a strong hint to look at your use of any of these CipherSpecs and change to a stronger one where possible.

CipherSpecs now deprecated in IBM MQ V8, highlighted column shows the reason for deprecation.

| CipherSpec Name | Protocol Used | Data Integrity | Encryption Algorithm | Encryption Bits | Deprecated in |
|---|---|---|---|---|---|
| AES_SHA_US | SSL 3.0 | SHA-1 | AES | 128 | V8 FixPack 2 |
| DES_SHA_EXPORT | SSL 3.0 | SHA-1 | DES | 56 | V8 FixPack 2 |
| DES_SHA_EXPORT1024 | SSL 3.0 | SHA-1 | DES | 56 | V8 FixPack 2 |
| FIPS_WITH_DES_CBC_SHA | SSL 3.0 | SHA-1 | DES | 56 | V8 FixPack 2 |
| FIPS_WITH_3DES_EDE_CBC_SHA | SSL 3.0 | SHA-1 | 3DES | 168 | V8 FixPack 2 |
| NULL_MD5 | SSL 3.0 | MD5 | None | 0 | V8 FixPack 2 |
| NULL_SHA | SSL 3.0 | SHA-1 | None | 0 | V8 FixPack 2 |
| RC2_MD5_EXPORT | SSL 3.0 | MD5 | RC2 | 40 | V8 FixPack 2 |
| RC4_MD5_EXPORT | SSL 3.0 | MD5 | RC4 | 40 | V8 FixPack 2 |
| RC4_MD5_US | SSL 3.0 | MD5 | RC4 | 128 | V8 FixPack 2 |
| RC4_SHA_US | SSL 3.0 | SHA-1 | RC4 | 128 | V8 FixPack 2 |
| RC4_56_SHA_EXPORT1024 | SSL 3.0 | SHA-1 | RC4 | 56 | V8 FixPack 2 |
| TRIPLE_DES_SHA_US | SSL 3.0 | SHA-1 | 3DES | 168 | V8 FixPack 2 |
| TLS_RSA_EXPORT_WITH_RC2_40_MD5 | TLS 1.0 | MD5 | RC2 | 40 | V8 FixPack 3 |
| TLS_RSA_EXPORT_WITH_RC4_40_MD5 | TLS 1.0 | MD5 | RC4 | 40 | V8 FixPack 3 |
| TLS_RSA_WITH_DES_CBC_SHA | TLS 1.0 | SHA-1 | DES | 56 | V8 FixPack 3 |
| TLS_RSA_WITH_NULL_MD5 | TLS 1.0 | MD5 | None | 0 | V8 FixPack 3 |
| TLS_RSA_WITH_NULL_SHA | TLS 1.0 | SHA-1 | None | 0 | V8 FixPack 3 |
| TLS_RSA_WITH_RC4_128_MD5 | TLS 1.0 | MD5 | RC4 | 128 | V8 FixPack 3 |
| ECDHE_ECDSA_NULL_SHA256 | TLS 1.2 | SHA-1 | None | 0 | V8 FixPack 3 |
| ECDHE_ECDSA_RC4_128_SHA256 | TLS 1.2 | SHA-1 | RC4 | 128 | V8 FixPack 3 |
| ECDHE_RSA_NULL_SHA256 | TLS 1.2 | SHA-1 | None | 0 | V8 FixPack 3 |
| ECDHE_RSA_RC4_128_SHA256 | TLS 1.2 | SHA-1 | RC4 | 128 | V8 FixPack 3 |
| TLS_RSA_WITH_NULL_NULL | TLS 1.2 | None | None | 0 | V8 FixPack 3 |
| TLS_RSA_WITH_NULL_SHA256 | TLS 1.2 | SHA-256 | None | 0 | V8 FixPack 3 |
| TLS_RSA_WITH_RC4_128_SHA256 | TLS 1.2 | SHA-1 | RC4 | 128 | V8 FixPack 3 |
| TLS_RSA_WITH_3DES_EDE_CBC_SHA | TLS 1.0 | SHA-1 | 3DES | 168 | V8 FixPack 6 |
| ECDHE_ECDSA_3DES_EDE_CBC_SHA256 | TLS 1.2 | SHA-1 | 3DES | 168 | V8 FixPack 6 |
| ECDHE_RSA_3DES_EDE_CBC_SHA256 | TLS 1.2 | SHA-1 | 3DES | 168 | V8 FixPack 6 |
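
To find channels that still use one of the CipherSpecs in the table above, the following added example (not from the original post or from IBM) checks the output of the MQSC command DISPLAY CHANNEL(*) SSLCIPH against that table and reports the FixPack at which each affected channel stops starting by default. The runmqsc output is a constructed sample, and the function and variable names are this example's own.

```python
import re

# Deprecation data copied from the table above: FixPack -> CipherSpec names.
DEPRECATED = {
    "V8 FixPack 2": """AES_SHA_US DES_SHA_EXPORT DES_SHA_EXPORT1024
        FIPS_WITH_DES_CBC_SHA FIPS_WITH_3DES_EDE_CBC_SHA NULL_MD5 NULL_SHA RC2_MD5_EXPORT
        RC4_MD5_EXPORT RC4_MD5_US RC4_SHA_US RC4_56_SHA_EXPORT1024 TRIPLE_DES_SHA_US""",
    "V8 FixPack 3": """TLS_RSA_EXPORT_WITH_RC2_40_MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5
        TLS_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_NULL_MD5 TLS_RSA_WITH_NULL_SHA
        TLS_RSA_WITH_RC4_128_MD5 ECDHE_ECDSA_NULL_SHA256 ECDHE_ECDSA_RC4_128_SHA256
        ECDHE_RSA_NULL_SHA256 ECDHE_RSA_RC4_128_SHA256 TLS_RSA_WITH_NULL_NULL
        TLS_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_RC4_128_SHA256""",
    "V8 FixPack 6": """TLS_RSA_WITH_3DES_EDE_CBC_SHA ECDHE_ECDSA_3DES_EDE_CBC_SHA256
        ECDHE_RSA_3DES_EDE_CBC_SHA256""",
}
FIXPACK_OF = {name: fp for fp, names in DEPRECATED.items() for name in names.split()}
ATTR = re.compile(r"(\w+)\(([^)]*)\)")  # MQSC prints attributes as KEYWORD(value)

def audit_channels(runmqsc_output):
    """Return (channel, cipherspec, fixpack) for each channel on a deprecated CipherSpec."""
    findings, channel = [], None
    for name, value in ATTR.findall(runmqsc_output):
        if name == "CHANNEL":
            channel = value
        elif name == "SSLCIPH" and value.strip() in FIXPACK_OF:
            findings.append((channel, value.strip(), FIXPACK_OF[value.strip()]))
    return findings

# Constructed sample of `DISPLAY CHANNEL(*) SSLCIPH` output (not from the post).
SAMPLE_OUTPUT = """\
AMQ8414: Display Channel details.
   CHANNEL(QM1.TO.QM2.SSL01)               CHLTYPE(SDR)
   SSLCIPH(TRIPLE_DES_SHA_US)
AMQ8414: Display Channel details.
   CHANNEL(QM1.TO.QM3)                     CHLTYPE(SDR)
   SSLCIPH(ECDHE_RSA_AES_128_GCM_SHA256)
AMQ8414: Display Channel details.
   CHANNEL(APP.SVRCONN)                    CHLTYPE(SVRCONN)
   SSLCIPH(TLS_RSA_WITH_3DES_EDE_CBC_SHA)
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.DEF.SENDER)              CHLTYPE(SDR)
   SSLCIPH( )
"""

if __name__ == "__main__":
    for channel, cipherspec, fixpack in audit_channels(SAMPLE_OUTPUT):
        print(f"{channel}: {cipherspec} is off by default from {fixpack}")
```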

As an alternate way of thinking about it, you should be choosing a CipherSpec from the 14 listed in the following table.

CipherSpecs still supported in IBM MQ V8. All of these are FIPS 140-2 certified.

| Platform | CipherSpec Name | Protocol Used | Data Integrity | Encryption Algorithm | Encryption Bits | Suite B | Added in |
|---|---|---|---|---|---|---|---|
| All | TLS_RSA_WITH_AES_128_CBC_SHA | TLS 1.0 | SHA-1 | AES | 128 | No | V7 |
| All | TLS_RSA_WITH_AES_256_CBC_SHA | TLS 1.0 | SHA-1 | AES | 256 | No | V7 |
| All | TLS_RSA_WITH_AES_128_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 128 | No | V7 |
| All | TLS_RSA_WITH_AES_256_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 256 | No | V7 |
| LUW | TLS_RSA_WITH_AES_128_GCM_SHA256 | TLS 1.2 | AEAD AES-128 GCM | AES | 128 | No | V7.1 |
| LUW | TLS_RSA_WITH_AES_256_GCM_SHA384 | TLS 1.2 | AEAD AES-128 GCM | AES | 256 | No | V7.1 |
| Not IBM i | ECDHE_ECDSA_AES_128_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 128 | No | V7.1 |
| Not IBM i | ECDHE_ECDSA_AES_256_CBC_SHA384 | TLS 1.2 | SHA-384 | AES | 256 | No | V7.1 |
| LUW | ECDHE_ECDSA_AES_128_GCM_SHA256 | TLS 1.2 | AEAD AES-128 GCM | AES | 128 | 128 bit | V7.1 |
| LUW | ECDHE_ECDSA_AES_256_GCM_SHA384 | TLS 1.2 | AEAD AES-128 GCM | AES | 256 | 192 bit | V7.1 |
| Not IBM i | ECDHE_RSA_AES_128_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 128 | No | V7.1 |
| Not IBM i | ECDHE_RSA_AES_256_CBC_SHA384 | TLS 1.2 | SHA-384 | AES | 256 | No | V7.1 |
| LUW | ECDHE_RSA_AES_128_GCM_SHA256 | TLS 1.2 | AEAD AES-128 GCM | AES | 128 | No | V7.1 |
| LUW | ECDHE_RSA_AES_256_GCM_SHA384 | TLS 1.2 | AEAD AES-128 GCM | AES | 256 | No | V7.1 |

I have requested that the table in Knowledge Center: Specifying CipherSpecs is updated to only show the supported CipherSpecs and that the details of the deprecated ones are moved out of the way to a separate page.

EDIT: Knowledge Center has now been updated to only show the supported ones and there is a separate page for the list of Deprecated CipherSpecs.

Re-enabling the deprecated CipherSpecs

Be aware that if you have re-enabled SSL V3.0 CipherSpecs at IBM MQ V8 FixPack 2, and you upgrade to FixPack 3, you will have further re-enabling to do. It is not sufficient simply to re-enable the SSL V3.0 protocol as you did with FixPack 2; you also have to specify the weak CipherSpec you wish to allow use of.

If the CipherSpec you wish to re-enable is an SSL V3.0 CipherSpec, one step you will need to take is to re-enable the protocol. As detailed in Know your protocol, this is done by editing the qm.ini file:-

SSL:
   AllowSSLV3=Y

or setting the AMQ_SSL_V3_ENABLE=1 environment variable.

Additionally, to re-enable the specific CipherSpec, you can edit the qm.ini file to provide the name of the CipherSpec you wish to allow to be used:-

SSL:
   AllowWeakCipherSpec=TRIPLE_DES_SHA_US

or set the AMQ_SSL_WEAK_CIPHER_ENABLE=TRIPLE_DES_SHA_US environment variable.

This setting can be a list of CipherSpecs, or ‘All’ to turn them all back on.

Without these settings, use of a weak CipherSpec at define-time will result in:-

AMQ8242: SSLCIPH definition wrong.

and at run-time will result in an error message thus:-

-------------------------------------------------------------------------------
20/07/2015 17:42:26 - Process(6040.1) User(MUSR_MQADMIN3) Program(runmqchl.exe)
                      Host(GEM45) Installation(800FP3)
                      VRMF(8.0.0.3) QMgr(QM1)
                     
AMQ9674: The channel 'QM1.TO.QM2.SSL01' specified a weak or broken CipherSpec.

EXPLANATION:
The SSL or TLS channel 'QM1.TO.QM2.SSL01' is configured to use a weak or broken
CipherSpec 'TRIPLE_DES_SHA_US'. 

This error occurs when the channel has requested to use a CipherSpec that
utilizes cryptographic algorithms or protocols that are now considered to be
broken or weak. 

The channel did not start.
ACTION:
Ensure that the channel is configured to use a CipherSpec that uses a stronger
set of cryptographic algorithms or a stronger protocol. 

Alternatively, configure the queue manager to re-enable the weaker CipherSpec
'TRIPLE_DES_SHA_US' using the AMQ_SSL_WEAK_CIPHER_ENABLE environment variable,
or via the 'AllowWeakCipherSpec' attribute under the SSL stanza in the qm.ini
file. 
-------------------------------------------------------------------------------
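
For triage after an upgrade, the following added example (not from the original post or from IBM) pulls every AMQ9674 entry out of a queue manager error log and returns the channel and the CipherSpec it asked for. The entry layout and dd/mm/yyyy timestamp are assumed to match the entry shown above; the second sample entry is constructed.

```python
import re

SEPARATOR = re.compile(r"^-{20,}[ \t]*$", re.MULTILINE)   # line of dashes between entries
HEADER = re.compile(r"(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) - .*?QMgr\((\S+?)\)")
CHANNEL = re.compile(r"AMQ9674: The channel '([^']+)'")
CIPHER = re.compile(r"weak or broken CipherSpec '([^']+)'")

def weak_cipherspec_failures(log_text):
    """Return one dict per AMQ9674 entry: when, qmgr, channel, cipherspec."""
    failures = []
    for entry in SEPARATOR.split(log_text):
        flat = " ".join(entry.split())          # undo the 80-column line wrapping
        channel = CHANNEL.search(flat)
        if not channel:
            continue                            # some other message, or empty
        header, cipher = HEADER.search(flat), CIPHER.search(flat)
        failures.append({
            "when": header.group(1) if header else None,
            "qmgr": header.group(2) if header else None,
            "channel": channel.group(1),
            "cipherspec": cipher.group(1) if cipher else None,
        })
    return failures

# Sample input: the entry shown above (ACTION text left out) followed by one
# constructed, unrelated entry to show that other messages are skipped.
SAMPLE_LOG = """\
-------------------------------------------------------------------------------
20/07/2015 17:42:26 - Process(6040.1) User(MUSR_MQADMIN3) Program(runmqchl.exe)
                      Host(GEM45) Installation(800FP3)
                      VRMF(8.0.0.3) QMgr(QM1)

AMQ9674: The channel 'QM1.TO.QM2.SSL01' specified a weak or broken CipherSpec.

EXPLANATION:
The SSL or TLS channel 'QM1.TO.QM2.SSL01' is configured to use a weak or broken
CipherSpec 'TRIPLE_DES_SHA_US'.
-------------------------------------------------------------------------------
20/07/2015 17:43:02 - Process(6040.1) User(MUSR_MQADMIN3) Program(runmqchl.exe)
                      Host(GEM45) Installation(800FP3)
                      VRMF(8.0.0.3) QMgr(QM1)

AMQ9002: Channel 'QM1.TO.QM3' is starting.
-------------------------------------------------------------------------------
"""

if __name__ == "__main__":
    for failure in weak_cipherspec_failures(SAMPLE_LOG):
        print(failure)
```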

Hopefully you won’t ever need to re-enable these old, weak CipherSpecs, but there’s always the chance that you have a channel that talks to an old version queue manager, and you’ll need one of these weaker CipherSpecs for that purpose. At least with this new re-enablement method you’ll only be allowing the one you need to be used, instead of opening them all up.
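
To check that a queue manager really does allow only the CipherSpecs it needs, the following added example (not from the original post or from IBM) reads the SSL stanza of a qm.ini together with the two environment variables named above and flags two conditions described in this post: 'All' in use, and the SSL V3.0 protocol re-enabled with no CipherSpec named. The qm.ini fragment is constructed, the function names are this example's own, and treating lines that start with # or ; as comments and matching 'All' case-insensitively are assumptions.

```python
def ssl_stanza(qm_ini_text):
    """Return the key=value attributes found under the 'SSL:' stanza."""
    attrs, in_ssl = {}, False
    for raw in qm_ini_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":         # assumption: comment markers
            continue
        if line.endswith(":") and "=" not in line:
            in_ssl = line[:-1].strip().upper() == "SSL"   # a new stanza starts
        elif in_ssl and "=" in line:
            key, value = line.split("=", 1)
            attrs[key.strip()] = value.strip()
    return attrs

def audit_reenablement(qm_ini_text, env=None):
    """Report what qm.ini and the environment re-enable, with findings to review."""
    env = env or {}
    ssl = ssl_stanza(qm_ini_text)
    sslv3 = ssl.get("AllowSSLV3", "").upper() == "Y" or env.get("AMQ_SSL_V3_ENABLE") == "1"
    raw = [ssl.get("AllowWeakCipherSpec", ""), env.get("AMQ_SSL_WEAK_CIPHER_ENABLE", "")]
    weak = sorted({n.strip() for v in raw for n in v.split(",") if n.strip()})
    findings = []
    if any(n.upper() == "ALL" for n in weak):
        findings.append("all deprecated CipherSpecs are re-enabled; name only the ones needed")
    if sslv3 and not weak:
        findings.append("SSL V3.0 is re-enabled but no CipherSpec is named; "
                        "from FixPack 3 that alone is not sufficient")
    return {"sslv3": sslv3, "weak": weak, "findings": findings}

# Constructed sample qm.ini fragment (not from the post).
SAMPLE_QM_INI = """\
Log:
   LogPrimaryFiles=3
SSL:
   AllowSSLV3=Y
   AllowWeakCipherSpec=TRIPLE_DES_SHA_US,RC4_SHA_US
Channels:
   MaxChannels=200
"""

if __name__ == "__main__":
    print(audit_reenablement(SAMPLE_QM_INI))
    print(audit_reenablement("", {"AMQ_SSL_WEAK_CIPHER_ENABLE": "All"}))
```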


IBM Certified Specialist

Morag Hughson is a Certified IBM MQ Specialist
IBM Certified System Administrator – MQ V8.0
Find her on: LinkedIn: http://uk.linkedin.com/in/moraghughson   Twitter: https://twitter.com/MoragHughson   SlideShare: http://www.slideshare.net/moraghughson


2 thoughts on “Deprecated CipherSpecs”

    • Hi Peter,

      Not at all, you can have a comma separated list of the ones you want to re-enable or just use the word ‘All’ to re-enable all of them.

      Cheers
      Morag
