DO NOT SHARE THESE DOCS WITH CUSTOMERS!
This is an LA release that will only be provided to a select number of PLM-sanctioned customers (PDFs only). Contact PLM for details.
The Sweet32 attack is a birthday attack on 64-bit block ciphers in TLS and OpenVPN. Cryptographic protocols such as TLS commonly use block cipher algorithms, such as the Advanced Encryption Standard (AES), to encrypt data between clients and servers. These algorithms work by dividing the data into fixed-length chunks, called blocks. Each block is encrypted separately according to a mode of operation.
It has been proven that most modes of operation are secure only up to about 2^(n/2) blocks of plaintext (where n is the block size in bits), a limit commonly called the birthday bound. In Cipher Block Chaining (CBC) mode, the probability of a collision becomes significant after 2^(n/2) blocks because of the birthday paradox. A short block size therefore makes a block cipher vulnerable to birthday attacks even if there is no cryptographic weakness in the cipher itself: for a 64-bit block, 2^32 blocks is only about 32 GB of data encrypted under one key.
In a simple birthday attack against CBC: after 2^(n/2) message blocks have been encrypted with the same key (in the same message or in different messages), a collision between two ciphertext blocks is expected. Because a block cipher is a permutation, equal outputs mean equal inputs, and in CBC the input to each block is the plaintext XORed with the previous ciphertext block; a collision therefore reveals the XOR of two plaintext blocks, divulging secret information.
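To make the birthday bound concrete, the following added example (not part of the original document) computes how much traffic the bound corresponds to for 64-bit and 128-bit blocks, and simulates CBC with a constructed toy 16-bit permutation so that the ciphertext collision, and the plaintext XOR it leaks, can be observed directly. The toy cipher, the seed values and the function names are assumptions for illustration only.

```python
import random


def birthday_bound_bytes(block_bits: int) -> int:
    """Bytes of traffic under one key at which a CBC block collision becomes likely:
    2^(n/2) blocks of n/8 bytes each (64-bit blocks: ~32 GiB, 128-bit: ~2^68 bytes)."""
    return (1 << (block_bits // 2)) * (block_bits // 8)


class ToyBlockCipher:
    """Constructed stand-in for a block cipher: a seeded random permutation on n-bit
    blocks. n is kept tiny (16 bits) purely so the birthday collision is observable."""

    def __init__(self, block_bits: int, seed: int) -> None:
        self.block_bits = block_bits
        self.table = list(range(1 << block_bits))
        random.Random(seed).shuffle(self.table)

    def encrypt_block(self, x: int) -> int:
        return self.table[x]


def cbc_encrypt(cipher: ToyBlockCipher, iv: int, blocks: list[int]) -> list[int]:
    """Standard CBC: C_i = E(P_i XOR C_{i-1}), with C_{-1} = IV."""
    out, prev = [], iv
    for p in blocks:
        prev = cipher.encrypt_block(p ^ prev)
        out.append(prev)
    return out


def find_cbc_collision(iv: int, ciphertext: list[int]):
    """Return (i, j, leaked) for the first repeated ciphertext block, where
    leaked = C_{i-1} XOR C_{j-1}, which by the CBC equation equals P_i XOR P_j."""
    chain = [iv] + ciphertext          # chain[k] is the block XORed into P_k
    seen: dict[int, int] = {}
    for j, c in enumerate(ciphertext):
        if c in seen:
            i = seen[c]
            return i, j, chain[i] ^ chain[j]
        seen[c] = j
    return None


def demo(block_bits: int = 16, n_blocks: int = 2000, seed: int = 1):
    """Encrypt n_blocks random blocks (far beyond 2^(n/2) = 256 for n = 16) and
    check that the leaked XOR really is the XOR of the two colliding plaintexts."""
    rng = random.Random(seed)
    plaintext = [rng.getrandbits(block_bits) for _ in range(n_blocks)]
    iv = rng.getrandbits(block_bits)
    ciphertext = cbc_encrypt(ToyBlockCipher(block_bits, seed), iv, plaintext)
    hit = find_cbc_collision(iv, ciphertext)
    if hit is None:
        return None
    i, j, leaked = hit
    return i, j, leaked, leaked == plaintext[i] ^ plaintext[j]
```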
To protect confidential information from the SWEET32 birthday attack vulnerability, it is crucial to stop using legacy 64-bit block ciphers, and it is highly recommended that web servers be configured to prefer 128-bit block ciphers. Thus, weak ciphers such as RC4 and DES must be disabled in the SSL configuration, and strong ciphers such as AES must be enabled.