4.1.14 Ensure only Perfect Forward Secrecy Ciphers are Leveraged - ssl_ciphers

Information

Perfect forward secrecy protects users of your website by ensuring that even if your private key is compromised that your user's sessions are not able to be compromised. This improves upon other ciphers where if your private key was compromised all user sessions can also be compromised retroactively.

Rationale:

Perfect Forward Secrecy (PFS) helps to reduce the impact of a private key compromise.

Solution

Ensure that only ciphers that are compatible with perfect forward secrecy are used. ECDHE/EECDH ciphers and DHE/EDH ciphers support this capability. Its recommended to leverage ECDHE ciphers unless you need to support legacy clients because they are considered stronger and faster. An example configuration that may be used is: 'EECDH:EDH:!NULL:!SSLv2:!RC4:!aNULL:!3DES:!IDEA'.

The below configuration will only enable ciphers compatible with perfect forward secrecy.

Web Server:

ssl_ciphers EECDH:EDH:!NULL:!SSLv2:!RC4:!aNULL:!3DES:!IDEA;


Proxy:

proxy_ssl_ciphers EECDH:EDH:!NULL:!SSLv2:!RC4:!aNULL:!3DES:!IDEA;

Default Value:

Perfect Forward Secrecy is not the only default negotiable cipher suite.

See Also

https://workbench.cisecurity.org/files/4212