Birthday attacks against TLS ciphers with 64bit (Sweet32)

Question

How to disable below vulnerability for TLS1.2 in Windows 10?

QID: 38657
THREAT:
Legacy block ciphers having block size of 64 bits are vulnerable to a practical collision attack when used in CBC mode.
All versions of SSL/TLS
protocol support cipher suites which use DES, 3DES, IDEA or RC2 as the symmetric encryption cipher are affected.

IMPACT:
Remote attackers can obtain cleartext data via a birthday attack against a long-duration encrypted session.
SOLUTION:
Disable and stop using DES, 3DES, IDEA or RC2 ciphers.
More information can be found at Microsoft Windows TLS changes docs
(https://learn.microsoft.com/en-us/windows-server/security/tls/tls-schannel-ssp-changes-in-windows-10-and-windows-server) and Microsoft Transport
Layer Security (TLS) registry settings (https://learn.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings)

RESULTS:
CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE
TLSv1.2 WITH 64-BIT CBC CIPHERS IS
SUPPORTED
DES-CBC3-SHA RSA RSA SHA1 3DES(168) MEDIUM

Answer 1

We managed to fix this issue by following the recommendations from our Security team.
No problem, the steps to fix it are as follows:

1. Go to “HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers”.
2. Create Subkey “HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168”.
3. Create DWORD value “Enabled” in the subkey and set its data to 0x0.

 

End result should look like the following.

I have tested it our lab environment for Windows 10 Pro (domain-joined workstation) and Windows Server 2019 (DC for child domain) and I can confirm it did not break Schannel-based RDP successive logins to the best of my knowledge.

 

The vulnerability was also mitigated as per the following nmap scans that leveraged “ssl-enum-ciphers” script to test for Sweet32. Left being before the patch and right being after the patch.

Answer 2

Hello @Gangi Reddy ,

Thank you for posting here.

We can check all TLS Cipher Suites by running command below.

Get-TlsCipherSuite

OR

Get-TlsCipherSuite >C:\machinename.txt

For example:

Or you can check DES, 3DES, IDEA or RC2 cipher Suites as below.
Get-TlsCipherSuite -Name "DES"
Get-TlsCipherSuite -Name "3DES"
Get-TlsCipherSuite -Name "IDEA"
Get-TlsCipherSuite -Name "RC2"

For example:

You can disable certain specific ciphers by removing them from HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002

Then restart the machine to see if it helps.

For more information, please refer to the part "Enabling or Disabling additional cipher suites" in the following link.

Managing SSL/TLS Protocols and Cipher Suites for AD FS
https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs

Hope the information above is helpful to you.

Should you have any question or concern, please feel free to let us know.

Best Regards,
Daisy Zhou

============================================

If the Answer is helpful, please click "Accept Answer" and upvote it.

Answer 3

To protect against this vulnerability you can use this mitigation script:

$WeakCipherSuites = @(
    "DES",
    "IDEA",
    "RC"
)

Foreach($WeakCipherSuite in $WeakCipherSuites){
    $CipherSuites = Get-TlsCipherSuite -Name $WeakCipherSuite

    if($CipherSuites){
        Foreach($CipherSuite in $CipherSuites){
            Disable-TlsCipherSuite -Name $($CipherSuite.Name)
        }
    }
}

Answer 4

i had similar findings flagged against an Azure VM running Windows Server 2019 DC. I tried to remove this registry key manually, restart the server and ended up having issues with RDP to the server. not able to proceed, get the ERRCONNECT-FAILED (0x000000) or similar

so is there something i need to ensure before removing this registry entry?

Answer 5

Or use IIS Crypto to manage cipher suites: https://www.nartac.com/Products/IISCrypto/Download