SSL cipher suites

SSL cipher suites can be used with SOAP and SEAL communicator modules. OneSpan Authentication Server supports SSL cipher suites defined under the security level labels Custom, Very High, High, Medium, and Low.

The security levels are applied to the following communication protocols:

  • SOAP
  • SEAL
  • RADIUS (RADIUS/EAP-TTLS and RADIUS/PEAP only)
Table: Cryptographic protocols supported in different cipher suite security levels
SSL cipher suite security level Cryptographic protocol support
TLSv1 TLSv1.1 TLSv1.2 TLSv1.3
Very High
High
Medium
Low
Custom

Default security levels for SSL cipher suites

For each communication interface of OneSpan Authentication Server, the SSL cipher suite security level is set by default (see Table: Default SSL cipher suite security levels for communication interfaces).

Table: Default SSL cipher suite security levels for communication interfaces

| OneSpan Authentication Server communication interface | Default security level of SSL cipher suite |
| --- | --- |
| OneSpan Authentication Server SOAP Communicator | Very High |
| OneSpan Authentication Server SEAL Communicator with SSL/TLS | Very High |
| OneSpan Authentication Server RADIUS Communicator | Medium |
| OneSpan Authentication Server Live Audit Connection (SEAL) | Very High |
| Message Delivery Component (SEAL) | Very High |

You can configure a communicator module that is enabled with SSL/TLS to use an SSL cipher security level other than the default level and select either Very High, High, Medium, or Low, via the Configuration Utility. To do so, launch the Configuration Utility and navigate to Communicators. There, each communicator module (SOAP, RADIUS, SEAL) has its own tab where you can select an option from the SSL Cipher Suite Security Level drop-down list. Alternatively, you can set this same setting via the Administration Web Interface.

To configure SSL cipher suite security level via the Administration Web Interface

  1. Navigate to SYSTEM > Server Configuration.
  2. Select the Communicators tab.
  3. Click EDIT.
  4. Expand the communicator module you wish to configure, then select an option from its SSL Cipher Suite Security Level drop-down list.
  5. Click SAVE.

You can also set the SSL cipher suite security level for the Message Delivery Component (MDC).

Custom SSL cipher suites

A custom list of cipher suites can be defined specifically for OneSpan Authentication Server. The format of the list is defined by OpenSSL.

Each lower security level contains the cipher suites of every higher level, too. In the following table, only the cipher suites specific to each level are listed.

The cipher suite security levels define rules for which protocols, protocol versions, and algorithms are allowed at a specific level; the resulting cipher lists depend on the OpenSSL library. This means that even if a higher cipher suite level defines stricter rules than a lower one, the applicable ciphers may be the same.

For instance, Very High is stricter than High, but effectively both levels allow the same ciphers. In that case, it makes no difference which cipher suite security level you select. The same is true for Medium and Low.

Table: Supported SSL cipher suites

| Cipher suite | Protocol | Key exchange | Authentication | Encryption | MAC |
| --- | --- | --- | --- | --- | --- |
| Security Level: VERY_HIGH, HIGH | | | | | |
| TLS_AES_256_GCM_SHA384 | TLSv1.3 | Any | Any | AESGCM(256) | AEAD |
| TLS_CHACHA20_POLY1305_SHA256 | TLSv1.3 | Any | Any | CHACHA20 POLY1305(256) | AEAD |
| TLS_AES_128_GCM_SHA256 | TLSv1.3 | Any | Any | AESGCM(128) | AEAD |
| ECDHE-RSA-AES128-GCM-SHA256 | TLSv1.2 | ECDH | RSA | AESGCM(128) | AEAD |
| AES128-GCM-SHA256 | TLSv1.2 | RSA | RSA | AESGCM(128) | AEAD |
| ECDHE-RSA-AES256-GCM-SHA384 | TLSv1.2 | ECDH | RSA | AESGCM(256) | AEAD |
| AES256-GCM-SHA384 | TLSv1.2 | RSA | RSA | AESGCM(256) | AEAD |
| Security Level: MEDIUM, LOW | | | | | |
| ECDHE-RSA-AES128-SHA256 | TLSv1.2 | ECDH | RSA | AES(128) | SHA256 |
| ECDHE-RSA-AES128-SHA | TLSv1.2, TLSv1.1, TLSv1 | ECDH | RSA | AES(128) | SHA1 |
| AES128-CCM8 | TLSv1.2 | RSA | RSA | AESCCM8(128) | AEAD |
| AES128-CCM | TLSv1.2 | RSA | RSA | AESCCM(128) | AEAD |
| AES128-SHA256 | TLSv1.2 | RSA | RSA | AES(128) | SHA256 |
| AES128-SHA | TLSv1.2, TLSv1.1, TLSv1 | RSA | RSA | AES(128) | SHA1 |
| ECDHE-RSA-AES256-SHA384 | TLSv1.2 | ECDH | RSA | AES(256) | SHA384 |
| ECDHE-RSA-AES256-SHA | TLSv1.2, TLSv1.1, TLSv1 | ECDH | RSA | AES(256) | SHA1 |
| AES256-CCM8 | TLSv1.2 | RSA | RSA | AESCCM8(256) | AEAD |
| AES256-CCM | TLSv1.2 | RSA | RSA | AESCCM(256) | AEAD |
| AES256-SHA256 | TLSv1.2 | RSA | RSA | AES(256) | SHA256 |
| AES256-SHA | TLSv1.2, TLSv1.1, TLSv1 | RSA | RSA | AES(256) | SHA1 |

You can configure SSL to use one or multiple cipher suites from this list. Custom cipher suites are configured via the identikeyconfig.xml file, located at:

/etc/vasco/ias (Linux)

%PROGRAMFILES%\VASCO\IDENTIKEY Authentication Server\bin (Windows)

To configure SSL to use a custom cipher suite (via identikeyconfig.xml)

  1. Open the OneSpan Authentication Server configuration file, i.e. identikeyconfig.xml.
  2. Locate the settings group for the communicator module for which you want to specify a custom SSL cipher suite.
  3. Within that settings group, locate the <SSL> settings group. Custom cipher suite settings (along with all other SSL settings) are defined here.
  4. For Message Delivery Component, SEAL, RADIUS, or SOAP connections, specify the SSL cipher suite in the data attribute of the Supported-Cipher-Suite setting. For Live Audit Connections, specify the custom SSL cipher suite in the data attribute of the SecurityLevel setting instead.

    For all types of connections, you can specify multiple cipher suites by listing them and separating them via colons.

The following example shows SEAL communicator module SSL details for a Windows system. The only difference with the configuration for a Linux system would be the directory paths:

 

<SealCommunicator>
  <Enabled type="bool" data="true" />
  <Display-Name type="string" data="" />
  <Library-Path type="string" data="%PROGRAMFILES%\VASCO\IDENTIKEY Authentication Server\bin\ikcommseal.dll" />
  <DPX-Upload-Location type="string" data="%PROGRAMFILES%\VASCO\IDENTIKEY Authentication Server\dpx\" />
  <IP-Address type="string" data="10.2.12.9" />
  <IP-Port type="unsigned" data="20004" />
  <SSL>
    <Enabled type="bool" data="true" />
    <Server-Certificate type="string" data="%PROGRAMFILES%\VASCO\IDENTIKEY Authentication Server\bin\ikey_seal_cert.pem" />
    <Private-Key-Password type="string" data="ld90DH_oRgPsA6QGlaeVXx8=" />
    <CA-Certificate-Store type="string" data="" />
    <Client-Authentication-Method type="string" data="none" />
    <Reverify-Client-On-Reconnect type="bool" data="false" />
    <Supported-Cipher-Suite type="string" data="HIGH" />
    <Learn-Certificates type="bool" data="true" />
    <ServerCertificate />
    <ClientCertVerification />
  </SSL>
  <Require-Client-Component type="bool" data="false" />
  <DNS-Target type="bool" data="true" />
</SealCommunicator>

The tags and structure of the SSL settings here are similar to those used by RADIUS, SOAP, and MDC. The following example shows a sample SSL configuration for Live Audit Connection:

 

<Profile04>
  <Enabled type="bool" data="true" />
  <Type type="string" data="live" />
  <Display-Name type="string" data="Live Audit Viewer" />
  <Fail-On-Error type="bool" data="false" />
  <Unhandled-Only type="bool" data="false" />
  <Error type="bool" data="true" />
  <Warning type="bool" data="true" />
  <Info type="bool" data="true" />
  <Success type="bool" data="true" />
  <Failure type="bool" data="true" />
  <Plugincfg>
    <IP-Address type="string" data="10.2.12.9" />
    <Server-Port type="unsigned" data="20006" />
    <Auth-Timeout type="unsigned" data="60" />
    <Max-Connections type="unsigned" data="3" />
    <SSL>
      <Enabled type="bool" data="true" />
      <SecurityLevel type="string" data="HIGH" />
      <ServerCertificate>
        <CertFile type="string" data="%PROGRAMFILES%\VASCO\IDENTIKEY Authentication Server\bin\ikey_audit_cert.pem" />
        <Password type="string" data="ld90DH_oRgPsA6QGlaeVXx8=" />
      </ServerCertificate>
      <ClientCertVerification>
        <CACertFile type="string" data="" />
        <RequireCert type="string" data="none" />
        <LearnCertificates type="bool" data="false" />
        <ReverifyOnReconnect type="bool" data="false" />
      </ClientCertVerification>
    </SSL>
  </Plugincfg>
</Profile04>

In the SEAL communicator module example, you can configure the SSL to use custom cipher suites by replacing the word HIGH in the following line:

<Supported-Cipher-Suite type="string" data="HIGH" />

Replace it with a single cipher, or a list of ciphers separated by colons. For example:

<Supported-Cipher-Suite type="string" data="AES256-SHA:AES128-SHA" />

With the live audit connection example, replace the word HIGH with the custom ciphers in the following line instead:

<SecurityLevel type="string" data="HIGH"/>
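Before deploying a custom list, it helps to check each colon-separated entry against the cipher table above. The following Python sketch is an added example, not OneSpan code: it reads the data attribute of Supported-Cipher-Suite and SecurityLevel inside every <SSL> group and reports, per cipher, whether it is outside the documented table, belongs to the MEDIUM/LOW group, uses static RSA key exchange (which provides no forward secrecy), or uses a SHA1 MAC. The function name audit, the <Config> root element of the sample, and the spelling of the level labels are assumptions.

```python
import xml.etree.ElementTree as ET

# "name key-exchange MAC" from the page's cipher table; rows 1-7 are VERY_HIGH/HIGH.
TABLE = """\
TLS_AES_256_GCM_SHA384 Any AEAD
TLS_CHACHA20_POLY1305_SHA256 Any AEAD
TLS_AES_128_GCM_SHA256 Any AEAD
ECDHE-RSA-AES128-GCM-SHA256 ECDH AEAD
AES128-GCM-SHA256 RSA AEAD
ECDHE-RSA-AES256-GCM-SHA384 ECDH AEAD
AES256-GCM-SHA384 RSA AEAD
ECDHE-RSA-AES128-SHA256 ECDH SHA256
ECDHE-RSA-AES128-SHA ECDH SHA1
AES128-CCM8 RSA AEAD
AES128-CCM RSA AEAD
AES128-SHA256 RSA SHA256
AES128-SHA RSA SHA1
ECDHE-RSA-AES256-SHA384 ECDH SHA384
ECDHE-RSA-AES256-SHA ECDH SHA1
AES256-CCM8 RSA AEAD
AES256-CCM RSA AEAD
AES256-SHA256 RSA SHA256
AES256-SHA RSA SHA1
"""
SUITES = {r[0]: (r[1], r[2], "HIGH" if i < 7 else "MEDIUM")
          for i, r in enumerate(l.split() for l in TABLE.splitlines())}
LEVELS = {"VERY_HIGH", "HIGH", "MEDIUM", "LOW"}  # spelling assumed from the table

def audit(xml_text):
    """Return [(setting, cipher, [findings])] for each custom cipher in the config."""
    out = []
    for ssl in ET.fromstring(xml_text).iter("SSL"):
        for tag in ("Supported-Cipher-Suite", "SecurityLevel"):
            node = ssl.find(tag)
            if node is None or node.get("data") in LEVELS:
                continue  # setting absent, or a built-in level label
            for name in node.get("data", "").split(":"):
                kx, mac, group = SUITES.get(name, (None, None, None))
                checks = ((group is None, "not in the documented table"),
                          (group == "MEDIUM", "MEDIUM/LOW group"),
                          (kx == "RSA", "static RSA key exchange, no forward secrecy"),
                          (mac == "SHA1", "SHA1 MAC"))
                out.append((tag, name, [msg for hit, msg in checks if hit]))
    return out

# Constructed sample; the <Config> root element is a placeholder.
SAMPLE = """<Config><SealCommunicator><SSL>
  <Supported-Cipher-Suite type="string" data="AES256-SHA:AES128-SHA" />
</SSL></SealCommunicator></Config>"""
```

Running audit(SAMPLE) on the custom list used in the example above reports both ciphers as MEDIUM/LOW-group suites with static RSA key exchange and a SHA1 MAC.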

Blocked cipher suites

When configured to use SSL/TLS, the OneSpan Authentication Server communication interfaces actively block certain cipher suites. All OneSpan Authentication Server components actively block the suites to which the criteria listed below apply. This includes custom cipher suites: if the criteria apply to a custom-defined cipher suite, the components block that suite as well.

Criteria for cipher suites to be blocked:

  • All cipher suites which do not offer encryption
  • All cipher suites which do not offer authentication
  • All export encryption algorithms
  • Cipher suites defined by OpenSSL as low encryption
  • All cipher suites which use MD5 as hashing algorithm
  • All cipher suites that use pre-shared keys

Cipher suites in OneSpan Authentication Server Administration Web Interface

The following cipher suites are accepted by the Administration Web Interface if it is deployed on an Apache Tomcat server (i.e. the default deployment):

Table: Cipher suites in Administration Web Interface

| Cipher suite | Protocol | Key exchange | Authentication | Encryption | MAC |
| --- | --- | --- | --- | --- | --- |
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | TLSv1.2 | ECDH | RSA | AESGCM(128) | AEAD |
| TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | TLSv1.2 | ECDH | ECDSA | AESGCM(128) | AEAD |
| TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 | TLSv1.2 | ECDH/RSA | ECDH | AESGCM(128) | AEAD |
| TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 | TLSv1.2 | ECDH/ECDSA | ECDH | AESGCM(128) | AEAD |
| TLS_RSA_WITH_AES_128_GCM_SHA256 | TLSv1.2 | RSA | RSA | AESGCM(128) | AEAD |
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384* | TLSv1.2 | ECDH | RSA | AESGCM(256) | AEAD |
| TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384* | TLSv1.2 | ECDH | ECDSA | AESGCM(256) | AEAD |
| TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384* | TLSv1.2 | ECDH/RSA | ECDH | AESGCM(256) | AEAD |
| TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384* | TLSv1.2 | ECDH/ECDSA | ECDH | AESGCM(256) | AEAD |
| TLS_RSA_WITH_AES_256_GCM_SHA384* | TLSv1.2 | RSA | RSA | AESGCM(256) | AEAD |

* Encryption of symmetric keys that are 128 bit or greater requires Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.