I'm by no means a crypto expert. Still I'm frequently getting (and answering) questions regarding the use of RC4 in SSL/TLS. Should you disable it? Or keep it enabled?

March 2015 update - A 'new' attack method (Bar Mitsvah Attack) using a previously known RC4 vulnerability was presented, thereby reducing the RC4 security even more.

February 2015 update - RFC 7456 has been published, which effectively prohibits the use of RC4 in TLS.

This document requires that Transport Layer Security (TLS) clients
and servers never negotiate the use of RC4 cipher suites when they
establish connections. This applies to all TLS versions.

See http://tools.ietf.org/html/rfc7465

Here is my reasoning to disable all ciphersuites using RC4:

  • RC4 is a stream cipher that has been around since 1987. The number and quality of attacks on RC4 (in SSL/TLS) increases. Fact: Attacks on encryption algorithms only get better, they never get worse.
  • A lot of sites still enable RC4 in their ciphers, to support a wide browser base. Fact: Even Internet Explorer on Windows XP supports DES-CBC3-SHA (an alternative to one of the RC4 ciphers)
  • RC4 is one of the few ciphers that is resistant to the BEAST attack Fact: BEAST is a client-side attack, announced in 2011. Since then, almost all clients (openssl, NSS, SChannel) have mitigations implemented. BEAST can also be mitigated by using TLS 1.1 and TLS 1.2
  • A lot of companies can only use Federal Information Processing Standard FIPS PUB 140-2 approved algorithms. Fact: RC4 is not a FIPS-approved algorithm

What do the crypto experts say ?

Some form of encryption is always better than no encryption - however you don't want to give visitors of your site a false sense of security. Currently there are better cipher alternatives to RC4.

RC4 is a fast algorithm; 3DES is slower and more CPU intensive
How to disable it
When using openssl, add the following line in your cipher string:
`` !RC4``
Example of an Apache SSL/TLS configuration which disables RC4 among other ciphers and protocols
`` SSLProtocol All -SSLv2 -SSLv3 SSLHonorCipherOrder On SSLCipherSuite HIGH:!IDEA:!RC4:!MD5:!ADH:!AECDH:!aNULL:!eNULL:@STRENGTH``

Useful links


comments powered by Disqus