Tuesday, December 1, 2009

iPhone, Android Support Weak SSL Ciphers

Mobile devices are handling increasingly sensitive data as financial and banking applications are deployed to the iPhone and Android based phones. However, the challenges of SSL/TLS are being revisited on these mobile devices. Unfortunately, we are not learning from our previous mistakes with standard browsers.

Today I discovered that both the iPhone and the Android software emulator (sorry, don't have a droid yet) both support weak cipher suites. For example, both devices support DES-CBC-SHA as well as a slew of other weak ciphers. To put that in perspective, DES was phased out of FIPS documents in 2002 and could be broken as early as 1999.

All modern web browsers that I have tested on computers (e.g. not mobile devices) have all disabled support for any weak cipher suites. It is quite amazing to see such a step back for mobile devices.

What's the impact? Unfortunately, many high profile web servers also support weak ciphers. As a result there is a possibility that the iPhone or Android browser could be paired up with one of these sites and decide upon a weak cipher suite. This means that all of that sensitive financial information will be exchanged using an encryption that could be broken by a determined attacker.

A few screen shots:

iPhone connecting with DES-CBC-SHA

Android emulator connecting with with DES-CBC-SHA

Confused about SSL/TLS? Let OWASP help you - TLS Cheat Sheet

-Michael Coates