NSA does not use SSL 2.0, SSL 3.0, TLS 1.0 and TLS 1.1

The US National Security Agency (NSA) issued a security statement [PDF] this month urging system administrators in federal services and beyond to stop using outdated TLS protocols.

“Η NSA συνιστά να χρησιμοποιούνται μόνο τα TLS 1.2 ή TLS 1.3 και να μην χρησιμοποιούνται τα SSL 2.0, SSL 3.0, TLS 1.0 και TLS 1.1”, αναφέρει η .

“Η χρήση ξεπερασμένης κρυπτογράφησης παρέχει μια ψευδή αίσθηση ς, επειδή φαίνεται ότι προστατεύονται ευαίσθητα δεδομένα, παρόλο που δεν είναι έτσι πραγματικά”.

Even though the service recommends TLS 1.2 and TLS 1.3, the NSA warns you not to configure these two protocols with weak cryptographic parameters.

"Particularly weak encryption algorithms in TLS 1.2 are defined as NULL, RC2, RC4, DES, IDEA and TDES / 3DES. The cryptographic suites that use these algorithms should not be used ", the service continues.

"TLS 1.3 removes these encryption suites, but implementations that support both TLS 1.3 and TLS 1.2 should be checked for obsolete encryption suites."

The U.S. Department of Homeland Security has released a list of tools on her GitHub profile to help system administrators detect systems on their internal networks that still use outdated TLS protocols

The NSA statement, released on January 5, was repeated yesterday by its counterpart in the Netherlands, the National Cyber ​​Security Center in the Netherlands.

In a similar alert [PDF], the Dutch NCSC also recommends to all Dutch government agencies and private companies to move to TLS 1.3.

In the middle of 2020, the major browsers stopped supporting TLS 1.0 and TLS 1.1, citing security reasons. In March 2020, security company Netcraft reported that some 850.000 websites were still using TLS 1.0 and TLS 1.1 to encrypt traffic with HTTPS, a number that has since declined slowly.

iGuRu.gr The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).