Bug #7842
PRIVACY & SECURITY: Unable to connect with XMPP servers that require use of strong ciphers that support forward secrecy
Status: | New | Start date: | 08/14/2016 | |
---|---|---|---|---|
Priority: | High | Due date: | ||
Assignee: | - | % Done: | 0% | |
Category: | - | |||
Target version: | - | |||
Component: |
Description
Attempts to connect to XMPP servers that require explicit use of Forward Secrecy Cipher Suite(s) fail. ChatSecure Android client does not appear to support PFS ciphers.
Specifically, the following standard Forward Secrecy Cipher Suite(s) appear missing from ChatSecure:
ECDHE-ECDSA-AES256-GCM-SHA384 (0xc02c)
ECDHE-ECDSA-AES256-SHA384 (0xc024)
ECDHE-ECDSA-AES128-GCM-SHA256 (0xc02b)
I have setup an (intermittently available) test server that only supports these higher ciphers so that you may independently verify if need be.
IM Observatory test results to test server (and server details) - https://xmpp.net/result.php?id=434489
While TLS negotiation fails with ChatSecure:Android, it remains successful with desktop xmpp client such as PSI.
Support for standard PFS ciphers is requested as part of the standard privacy & security model to which ChatSecure prescribes.
Related issues
History
#1 Updated by arch over 1 year ago
Packet analysis from test server starting with 'Client Hello' performed with latest ChatSecure APK and contrasted to functional baseline found in PSI desktop. Issue identified within ChatSecure as failure at the protocol level. TLSv1 (SSL 3.1) is highest protocol offered. ChatSecure missing required TLS Protocol 1.2 (RFC5246 - https://www.ietf.org/rfc/rfc5246.txt) as released August 2008.
NOTES:
TLSv1.0 is not an completely secure protocol with which to encrypt sensitive data. Adoption of TLSv1.2 strongly recommended. Special concern should be had should communications involve payment processing, healthcare information, or other sensitive data.
REFERENCE:
NIST Special Publication 800-52 Revision 1: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
Published: April 28, 2014
Path: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r1.pdf
Page Vi - Footnote - ..."TLS versions 1.1 and 1.2 are approved for the protection of Federal information, when properly configured."
Page 7 - "..It also recommends that agencies develop migration plans to TLS 1.2, configured using Approved schemes and algorithms, by January 1, 2015."
Summary:
Issue able to be resolved by ChatSecure adopting RFC5246
#2 Updated by arch over 1 year ago
Note: ChatSecureAndroid source commits state that TLSv1.1 and TLSv1.2 support was added with 14.0.6 / 2014-11-04.
Update: Validated TLS1.2 connectivity with Android 6.0.1.
Remains at TLS1.0 with Android 4.4.4
#3 Updated by arch over 1 year ago
Issue appears to be Android 4.4.x (and under) code related, whereas TLS1.1 and TLS1.2 is not enabled by default in Android.
Android major platform release {KITKAT_Watch (API 20) / LOLLIPOP (API 21)} re-enabled by default TLSv1.1 and TLSv1.2
Question: Is there any solution for SecureChat to operating TLSv1.2 on an Android with API Level less than 20?
-------
Android Code adjustment to re-enable TLSv1.1/TLSv1.2: https://code.google.com/p/android/issues/detail?id=61085#c6
SSL Socket - Android API - https://developer.android.com/reference/javax/net/ssl/SSLSocket.html
API LEVELS - https://developer.android.com/guide/topics/manifest/uses-sdk-element.html
#4 Updated by arch over 1 year ago
Verified TLSv1.1 & TLS1.2 available through SSLLabs browser test on Android 4.4.4 (Firefox).
While not a programmer, pertinent discussion on this specific subject was located that suggests the following:
In order for the application to leverage TLSv1.1 & TLSv1.2 between API Level 16 through 20, remediation may be conducted through implementation of a custom SSLSocketFactory that will proxy all calls to a default SSLSocketFactory implementation. Overriding all createSocket methods and callsetEnabledProtocols on the returned SSLSocket is necessary in order to enable this security model.
Value toward offering this approach towards enhancing security through ChatSecure is identified through the common Android dashboard. It is noted API 16-20 occupies 45.9% of the Android market as of 8/1/2016. Thus, development of this recommended change (or function providing similar outcome) is seen as offering enhancement to a strong community and would thus provide a much higher level of transport level security not otherwise available to that market.
Thank you for your time in reviewing this issue.
Sincerely,
Arch Beard
REFERENCE:
https://developer.android.com/about/dashboards/index.html#Platform
https://blog.dev-area.net/2015/08/13/android-4-1-enable-tls-1-1-and-tls-1-2/