
I am currently participating in a lecture at my university that is called "system architecture and security". One part of this semester is to set up our own slice and hack each other's. We also have to make a web service that uses HTTPS (and lots more).

Now my question is: when I configure Apache 2, I want to set a high standard for the SSL encryption (SSLCipherSuite). But I can't find anything really concrete about the differences and why anyone would ever do anything other than HIGH. Doesn't that just tell the browser that it has to communicate using strong encryption methods? Does it make the communication slower?

Could someone explain this to me? Or link to an article that explains it well? I haven't been able to find it...

1 Answer


The HIGH list is part of OpenSSL's classification. It may vary depending on the version of OpenSSL, and other stacks might not have the same classification (or any high/medium/low classification at all).

In some cases, you may want "higher" than HIGH. For example, the HIGH list for OpenSSL 1.0.1 includes some non-DHE cipher suites. If Perfect Forward Secrecy is important to you, you could be a bit more restrictive and use only a subset of these cipher suites (with DHE).

In other cases, you might just have to interact with stacks that don't support any of the HIGH cipher suites, unfortunately... It's not great, but it's a risk assessment exercise to evaluate whether you can cut off those clients or not, depending on your business or service purpose.

In addition, if certain issues appear and a different choice of cipher suite is required (e.g. the BEAST incident), you may want to set the cipher suite list explicitly. Adapting the cipher suite configuration often requires less work than deploying a new version of OpenSSL on an existing system. You would certainly have to upgrade the library itself if there was a flaw in its implementation, but it often causes more problems than it's worth if you just want a new HIGH list configuration out of that upgrade, especially if it is for an issue that can be fixed (or at least mitigated, depending on your own risk assessment) by changing the cipher suite list.

Bruno
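The two points above (HIGH is whatever the local OpenSSL says it is, and it can still contain suites without forward secrecy) are easy to check rather than take on faith. The script below is an added example and is not part of the question or of Bruno's answer: it feeds cipher strings to the OpenSSL that Python's `ssl` module is linked against and inspects what comes back. Apache's `SSLCipherSuite` directive takes exactly these OpenSSL cipher strings, so the expanded list is what mod_ssl would offer. The restrictive string `PFS_ONLY` is an illustrative policy of my own, not something the original answer recommends, and `PFS_KEA`, `expand`, `non_pfs_suites` and `min_strength_bits` are names chosen for this example.

```python
import ssl

# Key-exchange algorithms that give forward secrecy: ephemeral (EC)DH.
# TLS 1.3 suites are reported as "kx-any" because their key exchange is
# negotiated outside the cipher suite (and is always ephemeral), so they count.
PFS_KEA = {"kx-dhe", "kx-ecdhe", "kx-any"}

# The plain setting from the question, and an explicit, more restrictive list.
# Both are ordinary OpenSSL cipher strings and can go straight into Apache's
# SSLCipherSuite directive. PFS_ONLY is an illustrative policy for this example:
# drop anonymous suites, static-RSA key transport, PSK/SRP and triple DES.
PLAIN_HIGH = "HIGH"
PFS_ONLY = "HIGH:!aNULL:!kRSA:!PSK:!SRP:!3DES"


def expand(cipher_string):
    """Ask the local OpenSSL which suites a cipher string selects.

    The result depends on the OpenSSL version the interpreter links against,
    which is exactly why 'HIGH' means different things on different hosts.
    Each entry is a dict with 'name', 'kea', 'auth', 'strength_bits', ...
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)
    return ctx.get_ciphers()


def suite_names(cipher_string):
    """Suite names in OpenSSL's preference order for the given string."""
    return [c["name"] for c in expand(cipher_string)]


def non_pfs_suites(cipher_string):
    """Suites whose key exchange does not provide forward secrecy, e.g. the
    static-RSA ones that show up as Kx=RSA in `openssl ciphers -v`."""
    return [c["name"] for c in expand(cipher_string) if c["kea"] not in PFS_KEA]


def min_strength_bits(cipher_string):
    """Weakest symmetric key size in the list (what HIGH is supposed to bound)."""
    return min(c["strength_bits"] for c in expand(cipher_string))


def report(cipher_string):
    suites = expand(cipher_string)
    weak = non_pfs_suites(cipher_string)
    print(f"{cipher_string!r}: {len(suites)} suites, "
          f"min {min_strength_bits(cipher_string)}-bit, "
          f"without forward secrecy: {', '.join(weak) if weak else 'none'}")


if __name__ == "__main__":
    # With a stock OpenSSL the first line usually still lists AES*-SHA / AES*-GCM
    # suites using static RSA key exchange; the second line should list none.
    report(PLAIN_HIGH)
    report(PFS_ONLY)
```

To apply the stricter list on the server from the question, set `SSLCipherSuite` to the `PFS_ONLY` string and add `SSLHonorCipherOrder on` so the server's ordering, not the browser's, decides which suite is picked. Before cutting off suites, run the report against the clients you must support, which is the risk assessment the answer describes.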