************ UPDATE *****************
update.zip flashable for DSC and DSC PDroid can be found at
openssl 1.0.1e update for DSC/407
*****************************************

Hello,

You may have heard of the badly chosen default SSL ciphers (1) in Gingerbread.
Gingerbread devices use outdated encryption algorithms for SSL communication.

That problem also affects Gingerbread-based ROMs like 407 or DSC. You can check this by sending
your default browser (or, for example, nakedbrowser) to an SSL browser test server (2).

You will get a result like in attachment 1, ciphers_original: we are using RC4-SHA without perfect forward secrecy. That is problematic because of the Lucky 13 attack against this encryption (3).

With a patch to core.jar in our framework (attachment ciphers_reorder.patch) I got DHE-RSA-AES128-SHA, which is considered more secure and also supports perfect forward secrecy (attachment ciphers_pfs).

You can get my core.jar from http://ge.tt/api/1/files/1MKLbUv/0/blob?download. Install it into /system/framework and rebuild your dalvik-cache.

I can't support TLSv1.1 or TLSv1.2 yet, because it would need to recompile a more recent version of libssl.so.

Users of Opera even get DHE-RSA-AES256-SHA in their connection (attachment ciphers_opera), which is considered state-of-the-art cryptography. But even then, other Android apps will use the badly chosen system default. So it is a good idea, even for Opera users, to update core.jar.

Can someone please confirm my findings: install core.jar in a 407 or DSC ROM and check your browser on (2).

(1) http://op-co.de/blog/posts/android_ssl_downgrade/
(2) https://cc.dcsec.uni-hannover.de/
(3) http://www.isg.rhul.ac.uk/tls/Lucky13.html
Attachments: ciphers_original.jpg, ciphers_pfs.jpg, ciphers_opera.jpg, ciphers_reorder.patch (3.8 KB)
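A browser test server like (2) reports what the client offers, and the order of the cipher-suite list in the ClientHello is what the reorder patch changes. The following Python sketch is an added example, not part of the original post or the patch: it reads that order from a ClientHello record and flags RC4 being preferred over forward-secret suites. The two suite orders and the `build_client_hello` helper are constructed for illustration and are not taken from Gingerbread or from ciphers_reorder.patch.

```python
import struct

# OpenSSL names for a few TLS cipher-suite ids (IANA registry values).
NAMES = {
    0x0004: "RC4-MD5", 0x0005: "RC4-SHA", 0x000A: "DES-CBC3-SHA",
    0x002F: "AES128-SHA", 0x0035: "AES256-SHA",
    0x0033: "DHE-RSA-AES128-SHA", 0x0039: "DHE-RSA-AES256-SHA",
}

# Constructed preference orders (assumptions, not dumped from a device).
RC4_FIRST = [0x0005, 0x0004, 0x002F, 0x0033, 0x0039]
PFS_FIRST = [0x0033, 0x0039, 0x002F, 0x0035, 0x0005]

def build_client_hello(suites):
    """Build a constructed TLS 1.0 ClientHello record without extensions."""
    body = b"\x03\x01" + bytes(32) + b"\x00"   # version, random, empty session id
    body += struct.pack("!H%dH" % len(suites), 2 * len(suites), *suites)
    body += b"\x01\x00"                         # one compression method: null
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

def offered_suites(record):
    """Return the cipher-suite ids in the client's preference order."""
    try:
        if record[0] != 0x16 or record[5] != 0x01:
            raise ValueError("not a ClientHello handshake record")
        pos = 5 + 4 + 2 + 32                    # record hdr, handshake hdr, version, random
        pos += 1 + record[pos]                  # skip the session id
        (n,) = struct.unpack_from("!H", record, pos)
        ids = struct.unpack_from("!%dH" % (n // 2), record, pos + 2)
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello")
    return list(ids)

def audit(record):
    """Summarise the offered order: top choice, PFS first?, RC4 ahead of PFS?"""
    names = [NAMES.get(s, "0x%04X" % s) for s in offered_suites(record)]
    pfs = next((i for i, n in enumerate(names) if n.startswith("DHE-")), None)
    rc4 = next((i for i, n in enumerate(names) if n.startswith("RC4-")), None)
    return {
        "preferred": names[0] if names else None,
        "pfs_preferred": pfs == 0,
        "rc4_before_pfs": rc4 is not None and (pfs is None or rc4 < pfs),
    }

if __name__ == "__main__":
    for label, order in (("rc4-first", RC4_FIRST), ("pfs-first", PFS_FIRST)):
        print(label, audit(build_client_hello(order)))
```

The server makes the final choice, so the negotiated suite matches the client's first preference only when the server honours the client's order or ranks that suite first itself.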