Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Cipher Suites for SSL Proxy

Read this topic to understand more about cipher suites supports and managing digital certificates for SSL proxy on SRX Series Firewalls.

Cipher Suites

This topic includes the following sections:

Supported Cipher Suites

SSL proxy acts as an intermediary, performing SSL encryption and decryption between the client and the server, but neither the server nor the client can detect its presence. SSL relies on digital certificates and private-public key exchange pairs for client and server authentication to ensure secure communication.

Lets get familiar with all the terms we are going to refer in this section.

  • Digital Certificate or CA Certificate —A digital certificate is an electronic means for verifying your identity through a trusted third party, known as a certificate authority (CA). Alternatively, you can use a self-signed certificate to attest to your identity. Each certificate contains a cryptographic key to encrypt plaintext or decrypt cyphertext.

  • Certificate Contents—A digital certificate associates a public key with the identity of an individual entity to whom it is issuing the digital certificate. A digital certificate includes the following identification attributes:

    • Identification and signature of the Certificate Authority that issued the certificate.

    • Validity period

    • Serial number

    • Certificate issuer details

    • Information about the subject includes identifying information (the distinguished name) and the public key.

  • Cipher Suite—A cipher suite is a set of cryptographic algorithms. An SSL cipher comprises encryption ciphers, an authentication method, and compression. On SRX Series Firewall, SSL sessions use key exchange method by which cryptographic keys are exchanged between the client and the servers using cryptographic algorithm. The kind of key exchange algorithm and the cipher suites used must be supported by both sides.

    SSL sessions use the algorithms from a cipher suite to:

    • Securely establish a secret key between two communicating parties

    • Protect the confidentiality of data in transit

Table 1 provides the details of RSA keys supported on various SRX Series Firewalls.

Table 1: Maximum Key Sizes Supported on SRX Series Devices

SRX Series Devices

Supported RSA Key Size

SRX300, SRX320, SRX340, SRX345, SRX550, SRX1500, SRX4100, SRX4200, SRX4600, SRX5400, SRX5600, SRX5800

512 bits, 1024 bits, 2048 bits, 4096 bits

  • Starting with Junos OS Release 15.1X49-D30 and Junos OS Release 17.3R1, server certificates of key size 4096 bits are supported. Prior to Junos OS Release 15.1X49-D30, server certificates with key size greater than 2048 bits were not supported because of cryptography hardware limitations.

  • Starting in Junos OS Release 18.1R1, SSL proxy support is available on SRX300 and SRX320 devices. On SRX300 and SRX320 devices, server certificates with key size 4096 bits are not supported.

ECDSA Cipher Suite Support for SSL Proxy

Starting in Junos OS Release 18.3R1, SRX Series Firewalls support ECDSA cipher suites for SSL proxy. ECDSA is a version of the Digital Signature Algorithm (DSA) and is based on Elliptic-curve cryptography (ECC).

To use ECDSA ciphers on your security device, you must ensure to:

  • Include the certificates containing ECC-capable public keys on the device. Support is available for the Elliptic Curve Cryptography (ECC) certificate only with the Elliptic Prime Curve 256 bit (P-256).

  • Include the ECDSA certificate option for the root CA. You can include one RSA certificate and one ECDSA certificate each. Having both ECC and RSA certificate allows you to perform ECC-based key exchange or RSA-based key exchange depending on the client and the server device’s compatibility.

  • For reverse proxy, include the ECDSA certificate for the server certificate. No restriction on the number of ECDSA or RSA certificate inclusion.

  • A trusted CA certificate can either be an RSA-based certificate and an ECDSA-based certificate. All features supported on an RSA-based certificate such as certificate cache, certificate revocation list (CRL), certificate chain are supported on an ECDSA certificate.

Elliptic Curve (EC) groups are used in SSL/TLS communication for key exchange during the handshake process. These groups are part of the Elliptic Curve Cryptography (ECC) which provides secure communication with smaller key size, resulting in reduced storage and faster transmission and secure communications.

Starting in Junos OS 23.4R1, SRX Series Firewalls support the following ECC curve types in SSL initiation, SSL termination, and SSL proxy profiles.

  • P-256
  • P-384
  • P-512

Above EC groups are configured SSL initiation, SSL termination, and SSL proxy profiles by default and priority order of these EC groups is - priority order of P-256, P-384, and P-521.

Note that the server and client must both support the same EC group in order to successfully establish a secure connection.

Configuring these EC groups in SSL proxy client and server communication ensures compatibility and flexibility in establishing secure connections.

SSL Cipher List

Table 2 displays a list of supported ciphers. NULL ciphers are excluded.

Table 2: Supported SSL Cipher List
SSL Cipher Key Exchange Algorithm Data Encryption Message Integrity

Preferred Ciphers Category

Earliest Supported Release

ECDHE-ECDSA-AES-256-GCM- SHA384

ECDHE/DSA key exchange

256-bit AES/GCM

SHA384 hash

Strong

Junos OS Release 18.3R1

ECDHE-ECDSA-AES-128-GCM-SHA256

ECDHE/DSA key exchange

128-bit AES/GCM

SHA256 hash

Strong

Junos OS Release 18.3R1

ECDHE-ECDSA-AES-256-CBC- SHA384

ECDHE/DSA key exchange

256-bit AES/CBC

SHA384 hash

Strong

Junos OS Release 18.3R1

ECDHE-ECDSA-AES-128-CBC-SHA256

ECDHE/DSA key exchange

128-bit AES/CBC

SHA256 hash

Strong

Junos OS Release 18.3R1

ECDHE-ECDSA-AES-256-CBC-SHA

ECDHE/DSA key exchange

256-bit AES/CBC

SHA hash

Strong

Junos OS Release 18.3R1

ECDHE-ECDSA-AES-128-CBC-SHA

ECDHE/DSA key exchange

128-bit AES/CBC

SHA hash

Strong

Junos OS Release 18.3R1

ECDHE-RSA-AES256-GCM-SHA384

ECDHE/RSA key exchange

256-bit AES/GCM

SHA384 hash

Strong

Junos OS Release 15.1X49-D10

ECDHE-RSA-AES256-CBC-SHA384

ECDHE/RSA key exchange

256-bit AES/CBC

SHA384 hash

Strong

Junos OS Release 15.1X49-D10

ECDHE-RSA-AES256-CBC-SHA

ECDHE/RSA key exchange

256-bit AES/CBC

SHA hash

Strong

Junos OS Release 15.1X49-D10

ECDHE-RSA-AES128-GCM-SHA256

ECDHE/RSA key exchange

128-bit AES/GCM

SHA256 hash

Strong

Junos OS Release 15.1X49-D10

ECDHE-RSA-AES128-CBC-SHA256

ECDHE/RSA key exchange

128-bit AES/CBC

SHA256 hash

Strong

Junos OS Release 15.1X49-D10

ECDHE-RSA-AES128-CBC-SHA

ECDHE/RSA key exchange

128-bit AES/CBC

SHA hash

Strong

Junos OS Release 15.1X49-D10

RSA-AES256-GCM-SHA384

ECDHE/RSA key exchange

256-bit AES/GCM

SHA384 hash

Strong

Junos OS Release 15.1X49-D10

RSA-AES256-CBC-SHA256

ECDHE/RSA key exchange

256-bit AES/CBC

SHA256 hash

Strong

Junos OS Release 15.1X49-D10

RSA-AES128-GCM-SHA256

ECDHE/RSA key exchange

128-bit AES/GCM

SHA256 hash

Strong

Junos OS Release 15.1X49-D10

RSA-AES128-CBC-SHA256

ECDHE/RSA key exchange

128-bit AES/CBC

SHA256 hash

Medium

Junos OS Release 15.1X49-D10

RSA-AES128-CBC-SHA

RSA key exchange

128-bit AES/CBC

SHA hash

Weak

Junos OS Release 12.1

RSA-AES256-CBC-SHA

RSA key exchange

256-bit AES/CBC

SHA hash

Weak

Junos OS Release 12.1

Starting in Junos OS Release 21.2R1, on SRX Series Firewalls, SSL proxy supports TLS version 1.3 and it provides improved security and better performance. Table 3 displays a list of TLS 1.3 supported ciphers.

Table 3: TLS 1.3 Supported Cipher List
TLS Cipher Key Exchange Algorithm Data Encryption Message Integrity

Earliest Supported Release

TLS_AES_256_GCM_SHA384

Any

256-bit AES/GCM

SHA384 hash

Junos OS Release 21.2R1

TLS_AES_128_GCM_SHA256

Any

128-bit AES/GCM

SHA256 hash

Junos OS Release 21.2R1

TLS_CHACHA20_POLY1305_SHA256

Any

256-bit CHACHA20_POLY1305

SHA256 hash

Junos OS Release 21.2R1

TLS_AES_128_CCM_SHA256

Any

128-bit AES/CCM

SHA256 hash

Junos OS Release 21.2R1

TLS_AES_128_CCM_8_SHA256

Any

128-bit AES/CCM

SHA256 hash

Junos OS Release 21.2R1

Starting in Junos OS Release 18.4R1, support for some ciphers in custom ciphers are deprecated. Table 4 provides the list of the deprecated ciphers.

Table 4: List of Deprecated Ciphers
SSL Cipher Key Exchange Algorithm Data Encryption Message Integrity

Preferred Ciphers Category

Earliest Supported Release

ECDHE-ECDSA-3DES-EDE-CBC-SHA

ECDHE/DSA key exchange

3DES EDE/CBC

SHA hash

Strong

Junos OS Release 18.3R1

ECDHE-RSA-DES-CBC3-SHA

ECDHE/RSA key exchange

DES CBC

SHA hash

Medium

Junos OS Release 15.1X49-D10

RSA-RC4-128-MD5

RSA key exchange

128-bit RC4

Message Digest 5 (MD5) hash

Medium

Junos OS Release 12.1

RSA-RC4-128-SHA

RSA key exchange

128-bit RC4

Secure Hash Algorithm (SHA) hash

Medium

Junos OS Release 12.1

RSA-EXPORT-1024-RC4-56-MD5

RSA 1024 bit export

56-bit RC4

MD5 hash

Weak

Junos OS Release 12.1

RSA-EXPORT-1024-RC4-56-SHA

RSA 1024 bit export

56-bit RC4

SHA hash

Weak

Junos OS Release 12.1

RSA-EXPORT-RC4-40-MD5

RSA-export

40-bit RC4

MD5 hash

Weak

Junos OS Release 12.1

RSA-EXPORT-DES40-CBC-SHA

RSA-export

40-bit DES/CBC

SHA hash

Weak

Junos OS Release 12.1

RSA-EXPORT-1024-DES-CBC-SHA

RSA 1024 bit export

DES/CBC

SHA hash

Weak

Junos OS Release 12.1

RSA-3DES-EDE-CBC-SHA

RSA key exchange

3DES EDE/CBC

SHA hash

Weak

Junos OS Release 12.1

RSA-DES-CBC-SHA

RSA key exchange

DES CBC

SHA hash

Weak

Junos OS Release 12.1

Note the following:

  • Supported SSL ciphers for HTTPS firewall authentication are RSA-AES-128-CBC-SHA, and RSA-AES-256-CBC-SHA.

  • Cipher suites that have “export” in the title are intended for use outside of the United States and might have encryption algorithms with limited key sizes. Export ciphers are not enabled by default. You need to either configure the export ciphers to enable or install a domestic package.

  • ECDHE-based cipher suits support the perfect forward secrecy feature in SSL proxy.

    Perfect forward secrecy is a specific key agreement protocols which ensures that all transactions sent over the Internet are secure. Perfect forward secrecy generates a unique session key for every session initiated by user. This ensures that the compromise of a single session key has no impact on data other than that exchanged in the specific session protected by that particular key.

Configuring Cipher Suites for SSL Proxy

You can use following options in SSL proxy profile configuration to set cipher suites:

  • Preferred Ciphers—Preferred ciphers allow you to define an SSL cipher with acceptable key strength: strong, medium, or weak.

    If you do not want to use one of the three categories, you can select ciphers from each of the categories to form a custom cipher set. Custom ciphers allow you to define your own cipher list. To configure custom ciphers, you must set preferred-ciphers to custom. Example:

  • Custom Ciphers—Custom ciphers allow you to define your own cipher list. Example:

    Starting in Junos OS Release 21.2R1, you can also use the following custom ciphers:

Use the following steps to configure an SSL proxy with custom ciphers:

  • Generate a root CA certificate or you can import your own trusted CA certificate and private and public keys into the device.

  • Create an SSL proxy profile and associate root CA certificate (Root CA or the server certificate).

  • Enable preferred-cipher in the SSL proxy as a custom-cipher and attach custom cipher

Example:

This example shows how to create a custom cipher. In this example, you set preferred-cipher to custom and add the cipher list (ecdhe-ecdsa-with-aes-256-cbc-sha384 and ecdhe-ecdsa-with-aes-128-cbc-sha256):

Or

Proceed with configuring the SSL proxy profile and applying the SSL proxy profile to a security policy

Configuring Server Certificates of Key Size 4096 Bits on SRX300 and SRX320

Starting in Junos OS Release 19.4R1, SRX300 and SRX320 devices support RSA certificates with key size 4096 bits. This support is available only when the SRX300 and SRX320 devices are operating in standalone mode.

You must explicitly configure the SSL proxy profile on SRX300 and SRX320 devices to use the server certificate with key size 4096 bits. Example:

SSL Forward Proxy Profile

SSL Reverse Proxy Profile

ECDSA Ciphers Support for SSL Initiation and SSL Termination Profiles

You can configure ECDSA ciphers in SSL initiation and SSL termination profiles in non-proxy mode. These profiles support the following ECDSA Ciphers:

  • ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  • ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • ECDHE_ECDSA_WITH_CHACHA20_POLY1305
  • To enable the support of the above ciphers, you must load SSL initiation and SSL termination profiles with the certificate which contains the ECC capable public keys.
  • Adding support of new ECC certificate along with existing RSA certificate provides flexibility in choosing between different types of certificates for encryption and authentication purposes.
  • In case you configure SSL initiation and SSL termination profiles with ECC certificates and server supports only RSA-based authentication, the the session fails to establish and displays the error message (no shared cipher).

SSL Initiation Profile

SSL Termination Profile

Change History Table

Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.

Release
Description
19.4R1
Starting in Junos OS Release 19.4R1, SRX300 and SRX320 devices support RSA certificates with key size 4096 bits
18.4R1
Starting in Junos OS Release 18.4R1, support for some ciphers in custom ciphers are deprecated.
18.3R1
Starting in Junos OS Release 18.3R1, SRX Series Firewalls support ECDSA cipher suites for SSL proxy. ECDSA is a version of the Digital Signature Algorithm (DSA) and is based on Elliptic-curve cryptography (ECC).