SSLCipherSuite aliases

Forgive me if this has been asked before, but I'd really like to get down to the bottom of how the SSLCipherSuite directive works in Apache and elsewhere. Firstly, I'm familiar with the four parts of a cipher:

Key Exchange Algorithm
Authentication Algorithm
Cipher Encoding Algorithm (bulk encryption)
MAC Digest Algorithm (hash function)

Here's the default SSLCipherSuite for my Apache box:

SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5

From my current knowledge and what I've read online, here's how I read this:

HIGH - all ciphers using Triple-DES are enabled
MEDIUM - all ciphers with 128 bit encryption are enabled
!aNULL - Null authentication is disabled and cannot be re-added to the string later via a "+" (plus) sign
!MD5 - MD5 hashing is disabled and cannot be re-added to the string later via a "+" (plus) sign

Now my question is, do the aliases HIGH, MEDIUM, and LOW refer to JUST the bulk encryption algorithm used, or to the cipher suite being used as a WHOLE (all four categories listed above)? Would there be an issue with setting it to just this?

SSLCipherSuite HIGH

Or would there be unintended consequences because there are no restrictions on the other three categories? If this is the case, is there anything else besides using MD5 as a hash algorithm that I should disable from the Key Exchange, Authentication, MAC Digest algorithm categories?

Thank you, and please let me know if any of that needs clarification or expansion!

asked by sirjames2004 on Sep 07 '25 07:09


2 Answers

They refer to all the components - all categories.

You could type in openssl ciphers 'HIGH' (etc.) to retrieve a list of ciphers that are associated with that setting. On my old mac (an older OpenSSL), I get the following (with other versions you would see different output - I recommend the latest versions with none / few documented vulnerabilities):

$ openssl ciphers 'HIGH'
ADH-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:ADH-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:ADH-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5

$ openssl ciphers 'MEDIUM'
ADH-SEED-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:SEED-SHA:ADH-RC4-MD5:RC4-SHA:RC4-MD5:RC2-CBC-MD5:RC4-MD5

$ openssl ciphers 'LOW'
ADH-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5

You mention that you understand cipher suites. Here is a white paper that has a section on "choosing cipher suites": https://www.creativsymantec.com/campaigncentral/downl/b-wp_ecc.pdf

And of course, choosing a cipher suite is a moving target with all the vulnerabilities that have arisen recently such as Poodle (both SSLv3 and TLS1 with block ciphers) and so on. It would be a great idea to test your web server against the Qualys SSL Test and trust its evaluation.

answered by Khanna111 on Sep 10 '25 03:09
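The lists above show that HIGH still contains anonymous-DH suites (ADH-*) and an MD5-MAC suite (DES-CBC3-MD5), which is the practical reason the default adds !aNULL:!MD5. The following script is an added example (not part of either answer): it parses `openssl ciphers -v` output into the four components the question lists and flags suites whose authentication or MAC component HIGH does not constrain. The sample output is constructed in the -v column format; the live check at the bottom only runs if an openssl CLI is installed.

```python
import re
import subprocess

# Constructed sample in the format of `openssl ciphers -v 'HIGH'` on an old
# OpenSSL (names taken from the answer's list; Kx/Au/Enc/Mac as -v prints them).
SAMPLE_HIGH = """\
ADH-AES256-SHA          SSLv3 Kx=DH       Au=None Enc=AES(256)  Mac=SHA1
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
ADH-DES-CBC3-SHA        SSLv3 Kx=DH       Au=None Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
DES-CBC3-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=MD5
"""

LINE_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<proto>\S+)\s+Kx=(?P<kx>\S+)\s+Au=(?P<au>\S+)"
    r"\s+Enc=(?P<enc>\S+)\s+Mac=(?P<mac>\S+)")

def parse_ciphers_v(text):
    """Split `openssl ciphers -v` output into key exchange (kx),
    authentication (au), bulk encryption (enc) and MAC (mac)."""
    suites = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            suites.append(m.groupdict())
    return suites

def weak_components(suites):
    """Names of suites with anonymous (unauthenticated) key exchange or an
    MD5 MAC, i.e. the components a bare HIGH leaves unrestricted."""
    return {
        "anonymous_auth": [s["name"] for s in suites if s["au"] == "None"],
        "md5_mac": [s["name"] for s in suites if s["mac"] == "MD5"],
    }

def run_openssl(spec):
    """Expand a cipher string with the local openssl CLI (if installed)."""
    out = subprocess.run(["openssl", "ciphers", "-v", spec],
                         capture_output=True, text=True, check=True)
    return parse_ciphers_v(out.stdout)

if __name__ == "__main__":
    for kind, names in weak_components(parse_ciphers_v(SAMPLE_HIGH)).items():
        print(f"{kind}: {', '.join(names) or 'none'}")
    # Live check: with the default HIGH:MEDIUM:!aNULL:!MD5 both lists are empty.
    try:
        print(weak_components(run_openssl("HIGH:MEDIUM:!aNULL:!MD5")))
    except (OSError, subprocess.CalledProcessError):
        print("openssl CLI not available; live check skipped")
```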


Now my question is, do the aliases HIGH, MEDIUM, and LOW refer to JUST the bulk encryption algorithm used, or to the cipher suite being used as a WHOLE (all four categories listed above)? Would there be an issue with setting it to just this?

They refer to the cipher suite.

What's exactly behind these names depends on the OpenSSL version. See the documentation of openssl ciphers for more details.

Would there be an issue with setting it to just this?

SSLCipherSuite HIGH

Since the exact meaning of HIGH depends on the OpenSSL version it would probably be better to have a more granular specification which does not depend that much on the OpenSSL version.

answered by Steffen Ullrich on Sep 10 '25 02:09