Knowledge Base

Finding

F

Encryption Algorithm: null encryption

Summary

Security

Encryption algorithm is a null encryption[360][361] that cannot provide confidentiality[91][92][93], so connection is available or disclosed to unauthorized individuals, entities, or processes.

Suggestion

Remove the cipher suite from the list of cipher suites supported by your server.

Evaluate your host!

Type a URL to analyze a service

Get a prompt and clear overview of your security configuration. Right now!

Config Snippets

You can fix your security setting with the following config snippets in various services. You simply copy-paste (or delete) them to get a better secirity and grade. Do not forget to re-check your modified settings above.

If you want to reveal your security weaknesses and monitor your services or supply chain sign up for our beta test.

i
Apache
OpenSSL version: 0.9.8+ 
SSLCipherSuite …:!eNULL
i
NGINX
OpenSSL version: 0.9.8+ 
ssl_ciphers …:!eNULL

Affected Cipher Suites

Cipher suite name
OLD_TLS_ECDH_ECDSA_WITH_NULL_SHA
TLS_DHE_PSK_WITH_NULL_SHA
TLS_DHE_PSK_WITH_NULL_SHA256
TLS_DHE_PSK_WITH_NULL_SHA384
TLS_ECDHE_ECDSA_WITH_NULL_SHA
TLS_ECDHE_PSK_WITH_NULL_SHA
TLS_ECDHE_PSK_WITH_NULL_SHA256
TLS_ECDHE_PSK_WITH_NULL_SHA384
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDH_ECDSA_WITH_NULL_SHA
TLS_ECDH_RSA_WITH_NULL_SHA
TLS_ECDH_anon_WITH_NULL_SHA
TLS_GOSTR341001_WITH_NULL_GOSTR3411
TLS_GOSTR341094_WITH_NULL_GOSTR3411
TLS_GOSTR341112_256_WITH_NULL_GOSTR3411
TLS_PSK_WITH_NULL_SHA
TLS_PSK_WITH_NULL_SHA256
TLS_PSK_WITH_NULL_SHA384
TLS_RSA_PSK_WITH_NULL_SHA
TLS_RSA_PSK_WITH_NULL_SHA256
TLS_RSA_PSK_WITH_NULL_SHA384
TLS_RSA_WITH_NULL_MD5
TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_SHA256