Insecure Cipher Suite

IANA name:

TLS_DH_anon_EXPORT_WITH_RC4_40_MD5

Hex code:

0x00, 0x17

TLS Version(s):

TLS1.0, TLS1.1, TLS1.2

Protocol:

Export-grade Transport Layer Security (TLS EXPORT)

Export-grade cipher suite:

Export ciphers used to be legally exportable from the United States of America in the 1990s, when exporting military technology was heavily restricted. Nowadays, they are considered insecure (cf. FREAK Attack).

Key Exchange:

Diffie-Hellman (DH)

Non-ephemeral Diffie-Hellman:

Diffie-Hellman key exchanges not using ephemeral keys do not support Perfect Forward Secrecy (PFS) which is recommended, so attackers cannot decrypt the whole communication stream.

Authentication

Anonymous (anon)

Anonymous key exchange:

Anonymous key exchanges are generally vulnerable to Man in the Middle attacks.

Encryption:

Rivest Cipher 4 with 40bit key (RC4 40)

Rivest Cipher 4:

IETF has officially prohibited RC4 for use in TLS in RFC 7465. Therefore, it can be considered insecure.

Hash:

Message Digest 5 (MD5)

Message Digest 5:

The Message Digest 5 algorithm suffers form multiple vulnerabilities and is considered insecure.

Included in RFC:

RFC 4346

Machine-readable:

application/json