How to Solve LUCKY13 Vulnerability (Potentially Vulnerable)

What is LUCKY13 Vulnerability?

LUCKY13 is a timing attack that can be used against implementations of the TLS protocol that use the cipher block chaining (CBC) mode of operation. The vulnerability affects the TLS 1.1 and 1.2 specifications as well as certain forms of earlier versions.

Impact

The attack allows full plaintext recovery for OpenSSL. An attacker exploiting this vulnerability is therefore able to read the plaintext of a TLS-encrypted session. The attack is a more advanced padding oracle that exploits differences in calculation time depending on whether the plaintext is padded with one or two bytes or contains incorrect padding.

Recommendation

Several countermeasures for the LUCKY13 attack exist. Most importantly (and easiest to implement), no CBC cipher suites should be used. Instead, use AEAD cipher suites such as AES-GCM.

Enable the following configuration, and ensure that no CBC ciphers are enabled:

- Enable TLSv1.2; disable SSLv3.0, TLSv1.0 and TLSv1.1
- Enable modern TLS cipher suites and disable all CBC cipher suites

Solutions:

To meet these requirements, adjust the server's TLS protocol and cipher suite settings. Here's a step-by-step guide for two commonly used web servers, Apache and Nginx:

For Apache:


1. **Open the Apache configuration file**:

  - The configuration file is usually located at `/etc/httpd/conf/httpd.conf` or `/etc/apache2/apache2.conf`. You might also find relevant configurations in `/etc/httpd/conf.d/ssl.conf` or `/etc/apache2/sites-available/default-ssl.conf`.


2. **Disable SSLv3.0, TLSv1.0, and TLSv1.1 and enable TLSv1.2**:

  SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2

3. **Enable modern TLS cipher suites and disable all CBC cipher suites**:

  Add or update the `SSLCipherSuite` directive:

  SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305

  This directive includes some modern, secure cipher suites without CBC mode. Make sure to verify the exact cipher suites supported by your version of OpenSSL.


4. **Restart Apache to apply the changes**:

  sudo systemctl restart httpd  # For CentOS/RedHat
  sudo systemctl restart apache2  # For Debian/Ubuntu

For Nginx:


1. **Open the Nginx configuration file**:

  - This is typically located at `/etc/nginx/nginx.conf` or in a specific server block configuration file in `/etc/nginx/sites-available/`.


2. **Disable SSLv3.0, TLSv1.0, and TLSv1.1 and enable TLSv1.2**:

  ssl_protocols TLSv1.2;

3. **Enable modern TLS cipher suites and disable all CBC cipher suites**:

  Add or update the `ssl_ciphers` directive:

  ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305';

4. **Restart Nginx to apply the changes**:

  sudo systemctl restart nginx

Verifying the Configuration:

1. **Test the server configuration**:

  - Use tools like [SSL Labs' SSL Test](https://www.ssllabs.com/ssltest/) or the `openssl` command-line tool to verify the server's SSL/TLS settings.

  openssl s_client -connect yourserver.com:443 -tls1_2

2. **Check for the absence of CBC ciphers**:

  openssl s_client -connect yourserver.com:443 -tls1_2 -cipher 'CBC'

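  This should fail to connect if CBC ciphers are correctly disabled. Make sure the failure is a handshake failure reported after connecting: an error about the cipher string itself comes from the local `openssl` client and says nothing about the server.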


By following these steps, you should be able to configure your server to enable TLSv1.2, disable SSLv3.0, TLSv1.0, and TLSv1.1, and ensure that no CBC ciphers are enabled.
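
An offline complement to the `openssl s_client` checks above, as an added example that is not part of the original post: it expands the value of an `SSLCipherSuite` or `ssl_ciphers` directive with the local OpenSSL library (through Python's `ssl` module) and lists any CBC suites it still contains. The function names and sample configs are constructed for illustration, and the result reflects the OpenSSL build Python is linked against, which may differ from the server's.

```python
import re
import ssl

# Matches the Apache and Nginx cipher directives used on this page.
DIRECTIVE = re.compile(
    r"^[ \t]*(?:SSLCipherSuite|ssl_ciphers)[ \t]+(.+?);?[ \t]*$", re.M)

def expand(cipher_string):
    """Expand an OpenSSL cipher string into concrete suites (local OpenSSL)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return ctx.get_ciphers()        # TLS 1.3 suites are always listed as well

def cbc_suites(cipher_string):
    """Return the names of expanded suites whose bulk cipher runs in CBC mode."""
    return [c["name"] for c in expand(cipher_string)
            if "cbc" in (c.get("symmetric") or "").lower()]

def audit_config(text):
    """Map each cipher directive value found in config text to its CBC suites."""
    report = {}
    for match in DIRECTIVE.finditer(text):
        value = match.group(1).strip().strip("'\"")
        report[value] = cbc_suites(value)
    return report

# Constructed sample: the Nginx settings recommended on this page.
SAMPLE_HARDENED = """
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305';
"""
# Constructed sample: an Apache directive that still allows one CBC suite.
SAMPLE_WEAK = "SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256\n"

if __name__ == "__main__":
    for sample in (SAMPLE_HARDENED, SAMPLE_WEAK):
        for value, cbc in audit_config(sample).items():
            status = "CBC-free" if not cbc else f"CBC suites present: {cbc}"
            print(f"{status} <- {value}")
```

Because keywords such as `HIGH` are expanded by OpenSSL itself, this also catches CBC suites that are not named explicitly in the directive.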
