Insecure Cipher Suite
- IANA name:
- GnuTLS name:
- Hex code:
- 0x00, 0x18
- TLS Version(s):
- TLS1.0, TLS1.1, TLS1.2
- Transport Layer Security (TLS)
- Key Exchange:
- Diffie-Hellman (DH)
- Anonymous (anon)
- Rivest Cipher 4 with 128bit key (RC4 128)
- Message Digest 5 (MD5)
- Included in RFC:
Diffie-Hellman key exchanges not using ephemeral keys do not support Perfect Forward Secrecy (PFS) which is recommended, so attackers cannot decrypt the whole communication stream.
Anonymous key exchanges are generally vulnerable to Man in the Middle attacks.
IETF has officially prohibited RC4 for use in TLS in RFC 7465. Therefore, it can be considered insecure.
The Message Digest 5 algorithm suffers form multiple vulnerabilities and is considered insecure.