Export-grade ciphers are still in use (Oct 7, 2016)


Since World War II, U.S government has regulated the export of cryptography for national security considerations. The export of cryptographic technology and devices from the United States was severely restricted by U.S. law until 1992, but was gradually eased until 2000. Export-grade ciphers were created in 1990s in response to U.S. regulation. Until recent years, many web browsers and web servers still support these weak ciphers for backward compatibility.

Last year, security searchers published papers revealing vulnerabilities regarding export-grade ciphers. (You might have heard FREAK attack and Logjam attack.) Since then, vendors of web browser and web server have taken necessary steps to stop supporting export-grade ciphers.

A year after the outbreaks, Dell SonicWALL still observes web traffic using export-grade ciphers. Statistics of September 2016 shows hits of IPS sid:6366 “Client Hello with EXPORT Cipher Suites 1”:

Export-grade ciphers are insecure and can damage the system. Dell SonicWALL urges all our customers to review their environment and patch the software that are still using these weak ciphers.

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.