F

Cipher Suite: TLS_DH_anon_WITH_RC4_128_MD5

Summary

code:
(0x00, 0x18)
IANA Name:
TLS_DH_anon_WITH_RC4_128_MD5

Components

F
Key Exchange Method
Name
Anonymous Diffie–Hellman (ADH)
Security
The anonymous Diffie-Hellman[90] key exchange[467] is a variant of Diffie-Hellman[269][270][271][272][273] key exchange that does not provide authenticity[201][202][203]. Without authentication, the identity of the server cannot be proved, so the connection is open to a man-in-the-middle attack[414].
Recommendations
Remove the cipher suite from the list of cipher suites supported by your server or replace the cipher suite with its Ephemeral Diffie-Hellman[142][143][144][145] version.
F
Authentication Method
Name
anon
Security
Lack of authentication is combined with anonymous key exchange[25][26], so the identity of the server cannot be proved and the connection is open to a man-in-the-middle attack[414].
Recommendations
Remove the cipher suite from the list of cipher suites supported by your server.
F
Encryption Type
Name
RC4-128
Security
The Rivest Cipher 4[459][460][461][462] encryption algorithm is a stream cipher[78][79] that is more malleable[158] than a block cipher[524][525][526][527]. It has multiple vulnerabilities[27][28][29][30][31] (e.g. related-key attack[53], distinguishing attack[349], ...), so an attacker can apply statistical analysis against it to recover the encrypted text.
Recommendations
Remove the cipher suite from the list of cipher suites supported by your server.
A+
Encryption Key Size
Name
128
Security
The symmetric key[193][194][195] has a key size[438] of more than 128 bits, as it should be according to the National Institute of Standards and Technology[428][429], so it is not vulnerable to preimage attack[215] and it can reliably prove that the message came from the stated sender (its authenticity) and has not been changed, so the connection is not open to a man-in-the-middle attack[414].
Recommendations
Remove the cipher suite from the list of cipher suites supported by your server.
B
Message Authentication Code
Name
MD5
Security
The message authentication code[128][129][130][131] is a hashed message authentication code[418][419][420][421][422][423][424], which is considered secure[435][436] despite the fact that the underlying cryptographic hash function[510][511][512][513] (MD5[227][228][229]) is considered insecure[139][140], as it is vulnerable to collision attack[566] in practice and to preimage attack[215] in theory.
Recommendations
Leading client applications do not use this type of message authentication code[128][129][130][131]. Unless your application or requirements specifically call for its use, it is generally safer to avoid cipher suites that are not adopted and supported by a critical mass of the industry. If your application or requirements specifically call for the use of a message authentication code[128][129][130][131] that does not provide authenticated encryption[563], prefer a block cipher mode of operation[293][294][295][296][297] (e.g. counter with CBC-MAC[266][267][268], Galois/Counter Mode[65][66][67][68]) or a message authentication code[128][129][130][131] (e.g. Poly1305[289][290]) that provides authenticated encryption over the ones which do not provide it. In the case of a hashed message authentication code[418][419][420][421][422][423][424], prefer a message authentication code[128][129][130][131] based on Secure Hash Algorithm 2[71][72][73] over the ones based on MD5[227][228][229].