.NET's SslStream is always negotiating to the least secure cipher I have. How can I change this?

Question

SslStream is supposed to negotiate the cipher type, key length, hash algorithm, etc. with its peer SSL stack. When using it in my code, I find that the negotiation always defaults to RC4 & MD5. I would like to use 3DES or AES for some added security.

Looking around the web I find only a few references to this problem and no solutions; one poster is claiming this actually makes sense, since the lowest common denominator between the two stacks is secure while has the added benefit of being faster/using less CPU resources. While this may be technically correct, my particular trade-off between complexity and cost lies elsewhere (I prefer to use AES with a long key).

If anyone can help I'd appreciate it.

Answer 1

It should be using the most secure set of algorithms that were in both lists. I find it hard to believe that it isn't, because SslStream is wrapping the SChannel SSPI, and if that were broken then Internet Explorer, IIS and everything else on Windows would be broken too.

It could be that you have an outdated version of SChannel.dll/Secur32.dll. What OS and Internet Explorer version do you have installed?

It is possible to disable protocols in SCHANNEL. Could you check that this hasn't been done?

Answer 2

I'm using XP SP3 and IE7 with all updates. The registry seems configured with everything enabled.

Answer 3

In Java you can order the various algorithms/ciphers according to your needs and preferences. May be there is a similar API in .NET...

Answer 4

SSLStream uses Schannel that is supplied with the operating system. The suites are listed in the default order in which they are chosen by the Microsoft Schannel Provider for :

Windows Vista:

RSA WITH AES_128 CBC SHA
RSA WITH AES_256 CBC SHA
RSA WITH RC4_128 SHA

...

Windows XP:

RSA WITH RC4 128 MD5
RSA WITH RC4 128 SHA

RSA WITH 3DES CBC SHA

....

You can also modify the list of cipher suites by configuring the SSL Cipher Suite Order group policy settings using the Group Policy Object snap-in in Microsoft Management Console (Windows Vista)

But the issue is that Windows XP doesn't include AES in the list of ciphers available for SSLStream. However, it's possible to change Registry settings in Windows XP: HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy 1 for getting 3DES cipher.

Answer 5

You can select which protocols are available for selection by making some simple registry changes. We remove the ability to select RC4, for example. You only need to make the change at one end of the connection (eg server) because the client and server negotiate to find commonly supported algorithm

http://msdn.microsoft.com/en-us/library/ms925716.aspx

Best wishes James