Protect against the BEAST attack in Nginx

What is this BEAST?

BEAST, or “Browser Exploit Against SSL/TLS” is an attack against the cipher block chaining (CBC) method used with SSL/TLS. The weakness was discovered in 2002, but finally proven in 2011 by security researchers Thai Duong and Juliano Rizzo. With real proof of concept code, they showed it was no longer a theoretical attack.

To successfully perform the BEAST attack, there are some conditions which needs to be met:

1. Vulnerable version of SSL must be used using a block cipher (CBC in particular)
2. JavaScript or a Java applet injection. Should be in the same origin of the web site
3. Data sniffing of the network connection must be possible.

Protecting against BEAST attack

While it is interesting how the attack work, it is even easier to start protecting your systems.

To guard against the attack, we have to define what ciphers we allow. Secondly, we have to set our preference of the ciphers to be determined by the server (instead of the client). Next, we define what protocols we want to use, resulting in older SSL versions to be disallowed.

ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

 

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Regarding the ciphers, we can be more specific that list above. We list specifically what ciphers we want to allow by defining the full list:

ssl_ciphers “EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS”;

For a secure list of ciphers, have a look the Mozilla server configuration guide.

After making the changes, reload Nginx. Now it’s time to test your Nginx configuration. The SSL Labs from Qualys is a good way to test the configuration.