Knowledge Base

F

Cipher Suite: TLS_­RSA_­WITH_­NULL_­SHA

Summary

code:
(0x00, 0x02)
IANA Name:
TLS_RSA_WITH_NULL_SHA

Check your host!

Type a URL to analyze a service

Get a prompt and clear overview of your security configuration. Right now!

Components

C
Key Exchange Method
Name
Rivest–Shamir–Adleman (RSA)
Security
RSA[320][321] key exchange is a key exchange[467] that has no forward secrecy[135][136][137][138], and does not protect past sessions against future compromises. If long-term secret keys or passwords are compromised, encrypted communications and sessions recorded in the past can be retrieved and decrypted. Throughout its history RSA encryption has had many security flaws[310][311][312][313][314][315] and was affected by variety of attack types: chosen-ciphertext attack[557] (eg: Bleichenbacher's attack[76][77], ROBOT attack[540][541][542][543]), side-channel attack[106][107][108] (eg: padding oracle attack[45][46][47][48], like Bleichenbacher's cat[337][338][339][340]).
Recommendations
Always prefer cipher suites with PFS property over the non-PFS ones. Note that performance considerations implies preferring Ephemeral Elliptic-curve Diffie–Hellman[91][92] over Ephemeral Diffie-Hellman[142][143][144][145].
A+
Authentication Method
Name
Rivest–Shamir–Adleman (RSA)
Security
Rivest–Shamir–Adleman[80][81][82] is a digital signature[231][232][233][234] algorithm, which is considered secure, however there are known weaknesses[322][323][324][325][326].
Recommendations
F
Encryption Type
Name
NULL
Security
Encryption algorithm is a null encryption[568][569] that cannot provide confidentiality[198][199][200], so connection is available or disclosed to unauthorized individuals, entities, or processes.
Recommendations
Remove the cipher suite from the list of cipher suites supported by your server.
A-
Message Authentication Code
Name
SHA-1
Security
message authentication code[128][129][130][131] is a hashed message authentication code[418][419][420][421][422][423][424] which is considered secure[159], despite the fact that the underlayingcryptographic hash function[510][511][512][513] (Secure Hash Algorithm 1[204][205][206]) is considered insecure[370][371][372][373][374][375][376].
Recommendations
If your application or requirements specifically call for the use of a message authentication code[128][129][130][131] that does not provide authenticated encryption[563] prefer block cipher mode of operation[293][294][295][296][297] (eg: counter with CBC-MAC[266][267][268], Galois/Counter Mode[65][66][67][68] or message authentication code[128][129][130][131] (eg: Poly1305[289][290]) that proved authenticated encryption over the ones which does not provide it. In case of a hashed message authentication code[418][419][420][421][422][423][424] prefer message authentication code[128][129][130][131] based on Secure Hash Algorithm 2[71][72][73] over the ones based on Secure Hash Algorithm 1[204][205][206].