Solved

Various banks' online banking sites still use TLSv1.0: what's acceptable?

Posted on 2016-11-05
Last Modified: 2016-11-08
When scanning various banks' online banking sites with https://www.ssllabs.com/ssltest/,
the results indicate they are still using TLSv1.0 (besides 1.1 & 1.2):

https://internet-banking.dbs.com.sg/IB/Welcome
https://pib.uob.com.sg/PIBLogin/Public/processPreCapture.do?keyId=lpc
https://www.citibank.com.sg/SGGCB/JSO/signon/DisplayUsernameSignon.do

Result for citi:
https://www.ssllabs.com/ssltest/analyze.html?d=www.citibank.com.sg

Thought TLSv1.0 is deprecated as of last Jun/Jul & v1.1 is until mid next year?
Some PT scanners report v1.0 as having the BEAST attack vulnerability, while
v1.1 has some other vulnerability.

Refer to the attached screenshot, which gives the scan output for Citi:
does the green colour on TLSv1.2 mean it will be used first & will fall back to
v1.1/1.0 if the browser/client doesn't support it?

If this is a fallback situation, is it secure?
Attachment: SSLTLScanCiti.png

Question by: sunhux
5 Comments

Accepted Solution by: btan (earned 250 total points)

The main issue with TLS 1.0 is the weak ciphers and hashes (HMAC) used, such as DES, MD5 and SHA. Furthermore, it should support PFS, which requires DH and EDH instead of RSA.

It will not be secure if the server allows the fallback to TLS 1.0 due to client support. The fallback is susceptible to man-in-the-middle attack. See this review of the various related vulnerabilities.

https://www.contextis.com/resources/blog/manually-testing-ssltls-weaknesses-2016-edition/

Though TLS 1.0 is still widely used as the 'best' protocol by a lot of browsers that are not patched to the very latest version, it suffers from CBC chaining attacks and padding oracle attacks. The latest browsers are not supporting TLSv1.0. So it should only be used after risk analysis and acceptance. Note that PCI DSS 3.1 prohibits use of TLS 1.0 after June 30, 2016.

Author Comment by: sunhux

Thanks, so all those online banking sites are overdue in disabling TLSv1.0? Or have they left it there to support older clients / browsers?

Assisted Solution by: Dr. Klahn (earned 125 total points)

Both are true.  Ideally TLS V1.0 should have been disabled as soon as new browsers became available that supported better methods.

But ... in the real world there are still people using Windows 98 machines on dial-up, who will never update their systems or their browsers.  Telling a client "We no longer support your system" is a quick way to lose customers to a bank that permits sessions using any -- or no -- security, but has an internet use agreement that says "If you use outdated software and you lose money, it's not our problem."

Assisted Solution by: btan (earned 250 total points)

Yes, supposedly you should not use TLS 1.0 and not downgrade to support legacy clients. The reality is that there is still this group of incompatible clients which you probably have to "let go"; otherwise, be prepared to face the audit and testing finding and justify this support. It is a risk-measured decision.

There is a past NIST paper on the client, in which the higher TLS version needs to be configured in preference if it is supported at the server; currently most are mandated to do this. In my environment there is a strict rule on this:

Version Support

a. The client shall be configured to support TLS version 1.1.
b. The client should be configured to support TLS version 1.2.
c. The client may be configured to support TLS version 1.0.
d. If TLS version 1.0 is supported, the client shall be configured to prefer TLS 1.1 and TLS 1.2 over TLS 1.0.
e. The client shall not be configured to support SSL version 3.0 or earlier.
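
Added example (not from the thread): a small Python model of two things discussed above, the version negotiation the question asks about (what the "green" TLSv1.2 means when TLSv1.0 is still enabled) and a check of a client configuration against the NIST version-support rules a-e quoted in the answer. The version labels and the sample server/client configurations are constructed for illustration.

```python
"""Model of TLS version negotiation and the NIST client rules (a-e) quoted above.
Version labels and sample configurations are constructed, not taken from a scan."""
from typing import List, Optional

# Versions in ascending order; a higher index means a newer protocol.
VERSIONS = ["SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2"]
RANK = {v: i for i, v in enumerate(VERSIONS)}


def negotiate(server_enabled: List[str], client_offered: List[str]) -> Optional[str]:
    """The server selects the newest version it enables that the client also offers.
    A green TLSv1.2 in the scan is only the best case: a client that offers nothing
    newer than TLSv1.0 still ends up on TLSv1.0 as long as the server keeps it
    enabled. Returns None when there is no common version (handshake fails)."""
    common = set(server_enabled) & set(client_offered)
    return max(common, key=RANK.__getitem__) if common else None


def check_client_policy(supported: List[str], preference: List[str]) -> List[str]:
    """Return the NIST rules (a-e as quoted in the answer) a client config violates.
    `preference` orders `supported`, most preferred first."""
    violations = []
    if "TLSv1.1" not in supported:
        violations.append("a: shall support TLS 1.1")
    if "TLSv1.2" not in supported:
        violations.append("b: should support TLS 1.2")
    # Rule c permits TLS 1.0; rule d then requires 1.1 and 1.2 to rank above it.
    if "TLSv1.0" in supported:
        order = {v: i for i, v in enumerate(preference)}
        tls10 = order.get("TLSv1.0", len(preference))
        for newer in ("TLSv1.1", "TLSv1.2"):
            if newer in order and order[newer] > tls10:
                violations.append(f"d: shall prefer {newer} over TLS 1.0")
    if any(RANK[v] <= RANK["SSLv3"] for v in supported):
        violations.append("e: shall not support SSL 3.0 or earlier")
    return violations


if __name__ == "__main__":
    bank = ["TLSv1.0", "TLSv1.1", "TLSv1.2"]  # constructed: what the scan reported
    print(negotiate(bank, ["TLSv1.2", "TLSv1.1", "TLSv1.0"]))  # modern browser
    print(negotiate(bank, ["TLSv1.0"]))  # TLS 1.0-only client falls back
    print(negotiate(["TLSv1.1", "TLSv1.2"], ["TLSv1.0"]))  # server with 1.0 disabled
    print(check_client_policy(["TLSv1.0"], ["TLSv1.0"]))
```

Running it shows the fallback case the scan cannot tell you about: the same server answers TLSv1.2 to a current browser and TLSv1.0 to a TLS 1.0-only client, and only disabling TLSv1.0 on the server turns that fallback into a failed handshake.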

Assisted Solution by: Learnctx (earned 125 total points)

Yes, TLS1.0 should be disabled. But this is the real world, and in the real world, while supporting TLS1.0 might not be ideal, it is necessary. If you look at the case for Android alone, around ~20% of Android devices either only support TLS1.0 or don't have TLS1.1 and TLS1.2 enabled by default (pre-KitKat devices). So what do you do, right?