Insecure Cipher Suite

IANA name:

TLS_RSA_PSK_WITH_RC4_128_SHA

GnuTLS name:

TLS_RSA_PSK_ARCFOUR_128_SHA1

Hex code:

0x00, 0x92

TLS Version(s):

TLS1.0, TLS1.1, TLS1.2, TLS1.3

---

Protocol:

Transport Layer Security (TLS)

Key Exchange:

Rivest Shamir Adleman algorithm (RSA)

Non-ephemeral Key Exchange:

This key exchange algorithm does not support Perfect Forward Secrecy (PFS) which is recommended, so attackers cannot decrypt the complete communication stream.

Authentication:

Pre-Shared Key (PSK)

Encryption:

Rivest Cipher 4 with 128bit key (RC4 128)

Rivest Cipher 4:

IETF has officially prohibited RC4 for use in TLS in RFC 7465. Therefore, it can be considered insecure.

Hash:

HMAC Secure Hash Algorithm 1 (SHA)

Secure Hash Algorithm 1:

The Secure Hash Algorithm 1 has been proven to be insecure as of 2017 (see shattered.io).

---

Included in RFC:

• RFC 4279

Machine-readable:

application/json