Knowledge Base

Key Exchange Algorithm: RSA

Summary

Security

RSA^[320]^[321] key exchange is a key exchange^[467] that has no forward secrecy^[135]^[136]^[137]^[138], and does not protect past sessions against future compromises. If long-term secret keys or passwords are compromised, encrypted communications and sessions recorded in the past can be retrieved and decrypted. Throughout its history RSA encryption has had many security flaws^[310]^[311]^[312]^[313]^[314]^[315] and was affected by variety of attack types: chosen-ciphertext attack^[557] (eg: Bleichenbacher's attack^[76]^[77], ROBOT attack^[540]^[541]^[542]^[543]), side-channel attack^[106]^[107]^[108] (eg: padding oracle attack^[45]^[46]^[47]^[48], like Bleichenbacher's cat^[337]^[338]^[339]^[340]).

Suggestion

Always prefer cipher suites with PFS property over the non-PFS ones. Note that performance considerations implies preferring Ephemeral Elliptic-curve Diffie–Hellman^[91]^[92] over Ephemeral Diffie-Hellman^[142]^[143]^[144]^[145].

Evaluate your host!

Get a prompt and clear overview of your security configuration. Right now!

Config Snippets

You can fix your security setting with the following config snippets in various services. You simply copy-paste (or delete) them to get a better secirity and grade. Do not forget to re-check your modified settings above.

If you want to reveal your security weaknesses and monitor your services or supply chain sign up for our beta test.

NGINX

OpenSSL version: 0.9.8+

ssl_ciphers …:!kRSA

Apache