Windows Security. TLS – Part 2 (Remove CBC Ciphers)

Security Team

Overview of Cipher-Block Chaining (CBC) ciphers

Cipher-Block Chaining (CBC) mode is a commonly used mode of operation for symmetric encryption algorithms. While it offers some advantages, it also harbours known vulnerabilities that can be exploited by attackers to compromise the security of your data.

CBC ciphers are not specific to a version of SSL or TLS and are enabled by default for TLS 1.2 on Windows Server.

Windows Server uses CBC ciphers. It is recommended that you disable CBC ciphers and use GCM ciphers instead. Potential issues with disabling CBC ciphers generally relate to older hardware and legacy applications.

Types of Vulnerabilities

Padding Oracle Attacks (POODLE and BEAST). These attacks exploit the way CBC uses padding to ensure predictable sizes. Manipulating the ciphertext can allow attackers to progressively decrypt parts of the message.

Initialisation Vector (IV) Reuse. CBC relies on a unique IV for each block of data. Reusing the same IV can leak information about the plaintext, potentially revealing data.

Side-Channel Attacks. These attacks exploit physical leaks during encryption/decryption processes to gain information about the plaintext. They are not specific to CBC, but they can be more effective due to its dependence on previous blocks.

Concerns about CBC

Complexity of Implementation. Securely implementing CBC can be challenging, as even small bugs can introduce vulnerabilities.

Newer and Safer Alternatives. Other cipher suites such as GCM offer stronger security guarantees and are generally recommended for new applications.

Current Status

Many organisations, such as Qualys SSL Labs and Microsoft, consider CBC ciphers to be weak and discourage their use.

Major browsers have deprecated or disabled support for vulnerable CBC ciphers.

CBC ciphers should be avoided, and GCM should be used instead where possible.

How to Check if CBC Ciphers Are in Use

1. PowerShell

Get-TlsCipherSuite -Name CBC

2. NMAP

nmap --script ssl-enum-ciphers 192.168.200.4

3. IISCRYPTO

How to Remove CBC Ciphers

1. Group Policy

  • Create new or edit existing GPO
  • Expand Computer Configuration > Policies > Administrative Templates > Network > SSL Configuration Settings
  • Enable the policy SSL Cipher Suite Order
  • Provide a list of cipher suites to use which excludes CBC ciphers.

2. PowerShell

The command Disable-TlsCipherSuite can be used to remove specific CBC ciphers.

Disable-TlsCipherSuite -Name "TLS_RSA_WITH_AES_128_CBC_SHA"

3. IISCRYPTO

Manually uncheck the CBC ciphers that you want to remove and click Apply.

4. Modify registry keys (not advised)

Start registry editor and navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers.

Locate the keys for the CBC ciphers and set the Enabled DWORD value to 0.

Other Considerations

Consider the following scenario: you have built new servers, removed deprecated protocols and CBC ciphers from them, and are happy that everything is good.

Several weeks or months later, software is installed on the system. Say, for example, that the software allows remote access to the server via a shared desktop, or simply that it opens a port (55555 in this example) and listens for incoming connections.

There is a good possibility that the software uses some of the CBC ciphers that you previously removed.

IISCRYPTO or PowerShell won’t show them, but NMAP will.
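
The scenario above, as an added example that is not part of the original article: a Python script that reads the text output of nmap --script ssl-enum-ciphers and lists the CBC suites offered on each port, so a listener such as the one on 55555 stands out. The sample output, including port 3389 and the suites shown, is constructed for illustration, and the function name find_cbc_suites is hypothetical.

```python
import re

# Constructed sample in the text format printed by
# `nmap --script ssl-enum-ciphers`; ports and suites are illustrative.
SAMPLE = """\
PORT      STATE SERVICE
3389/tcp  open  ms-wbt-server
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp384r1) - A
|     cipher preference: server
|_  least strength: A
55555/tcp open  unknown
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|_  least strength: A
"""

PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+open\b")          # "55555/tcp open ..."
PROTO_RE = re.compile(r"^\|[_ ]\s+((?:SSL|TLS)v[\d.]+):")   # "|   TLSv1.2:"
SUITE_RE = re.compile(r"^\|[_ ]\s+(TLS_[A-Z0-9_]+)\b")      # "|       TLS_..."

def find_cbc_suites(nmap_text):
    """Return {port: {protocol: [CBC suite names]}} for ports that offer CBC."""
    findings, port, proto = {}, None, None
    for line in nmap_text.splitlines():
        if m := PORT_RE.match(line):
            port, proto = int(m.group(1)), None  # new port section starts
        elif m := PROTO_RE.match(line):
            proto = m.group(1)
        elif (m := SUITE_RE.match(line)) and port and proto:
            if "_CBC_" in m.group(1):
                findings.setdefault(port, {}).setdefault(proto, []).append(m.group(1))
    return findings

if __name__ == "__main__":
    for port, protos in find_cbc_suites(SAMPLE).items():
        for proto, suites in protos.items():
            print(f"port {port} {proto}: {', '.join(suites)}")
```

Running it against saved scans of every listening port after each software install gives a repeatable check that does not depend on what the Windows TLS configuration reports.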
