The Secure Socket Layers (SSL) v3.0 protocol is no longer acceptable for protection of data due to inherent weaknesses within the protocol.
According to a bulletin from the PCI council on impending revisions to the PCI data security standard (DSS) and the payment application data security standard (PA-DSS), following The National Institute of Standards and Technology (NIST) identifying the Secure Socket Layers (SSL) v3.0 protocol as no longer being acceptable for protection of data due to inherent weaknesses within the protocol, the PCI council has said that no version of SSL meets PCI SSC’s definition of “strong cryptography”.
The security standards council said that revisions to PCI DSS and PA-DSS are necessary. “After working with stakeholders over the last several months to understand the impact to the industry, the Council will soon publish PCI DSS v3.1 and PA-DSS v3.1 to address this issue and provide other minor updates and clarifications,” a statement said.
“When published, PCI DSS v3.1 will be effective immediately, but impacted requirements will be future-dated to allow organisations time to implement the changes. For PA-DSS v3.1, the Council is also looking at how to address both future submissions and currently listed applications”.
The council said that in the interim, as there is no known way to remediate vulnerabilities inherent in the SSL protocol, the PCI Security Standards Council urged organisations to determine available options for upgrading to a strong cryptographic protocol as soon as possible.
The bulletin followed the January edition of the Council’s assessor newsletter, which confirmed that “no version of SSL meets PCI SSC’s definition of ‘strong cryptography’, and updates to the standards are needed to address this issue”, as reported by PCI Guru.
Speaking to IT Security Guru, Lancope CTO TK Keanini said that the problem is that clients and servers are not set up to negotiate, and so the danger is no one really understands what version is.
He said: “TLS was essentially the original version of SSL, that is all it was, and it comes down to implementation or math – one of them is going to have to fall. If the math is solid then someone’s implementation screwed up and I don’t know what makes the protocol itself weak, but I think the death nail was POODLE. The answer is whatever the flaw is in POODLE, the implementation is in the specification for SSL v3.”
John Smith, solutions architect at Veracode, said: “It is an accepted fact that SSL v3 is no longer secure, and that organisations should stop using it. However, many organisations have an existing application portfolio that includes applications and clients (e.g. browsers) which continue to depend upon it.
“Furthermore, our experience working with large enterprises suggests that most have an incomplete inventory of their application estate let alone knowing where SSL v3 remains enabled.
“For any organisation which intends to get a grip of this problem, the first step will be to understand both the extent of their application portfolio and also the prevalence of SSL v3 across the portfolio. This will allow informed decisions to be made about which applications should be upgraded and which should be retired to maintain an acceptable risk posture.”