Authentication and port encryption enhancements in Notes and Domino 9.0.1 Fix Pack 7
What are the authentication and port encryption enhancements in Notes and Domino 9.0.1 Fix Pack 7?
IBM® Notes® and Domino® 9.0.1 Fix Pack 7 provides authentication and port encryption enhancements that are controlled through the following new server notes.ini settings:
- PORT_ENC_ADV controls the level of port encryption and enables the use of AES tickets.
- TICKET_ALG_SHA controls which cryptographic algorithm to use when constructing tickets. HMAC-SHA 256 is enabled by default.
The client side of the network connection advertises which algorithms it supports, and the server selects the most secure combination that both client and server support based on these service-side notes.ini settings.
This technote describes these two new settings and the logging that is available for them.
Security terms used in this document
|AES||The Advanced Encryption Standard (AES) is a symmetric encryption algorithm.|
|Confidentiality||Provides protection against eavesdropping.|
|GCM||Galois/Counter Mode (GCM) provides data authenticity (integrity) and confidentiality.|
|Forward Secrecy||A property of communications protocols that prevents recorded encrypted communications from being decrypted in the future even if long-term keys (Notes ID files) are later compromised.|
|integrity||Provides protection against tampering.|
|port encryption||The NRPC equivalent of SSL/TLS, port encryption provides integrity and confidentiality for NRPC data in motion.|
|ticket||A cryptographically generated secret used to improve the performance of NRPC authentication.|
Description: The advanced port encryption algorithms available for use when connecting to this Domino server.
Syntax: PORT_ENC_ADV= sum
where sum is the sum of the values in the following table that represents the options to enable:
|1||Enable HMAC-SHA256 integrity protection for the legacy RC4 port encryption.||Only useful for resource constrained servers that cannot handle AES encryption.|
|2||Enable AES-128 CBC rather than RC4 for confidentiality and HMAC-SHA256 for integrity.||At this time, we recommend using AES-GCM rather than AES-CBC.|
|4||Enable AES-128 GCM for confidentiality and integrity.||Current industry best practices indicate that 128 bit symmetric keys are strong enough to guard against attacks based on the classical laws of physics.|
|8||Enable AES-256 GCM for confidentiality and integrity.||256 bit keys are expected to provide "128-bit level" protection against attacks based on quantum computing. If AES-256 GCM is enabled without Forward Secrecy, AES-128 GCM is used instead.|
|16||Enable Forward Secrecy for port encryption using 2048 bit ephemeral Diffie-Hellman (FFDHE-2048)||Wikipedia page: https://en.wikipedia.org/wiki/Forward_secrecy|
|64||Enable AES tickets||Upgrades tickets from RC2-128 to AES-128. Best practice is to enable. Performance impact is minimal.|
Note: The most secure set of options that are supported by client and server are used. For example, if you enable all options (PORT_ENC_ADV=127), then the options that correspond to 8, 16, and 64 are used in 9.0.1 Fix Pack 7 and 1, 2, and 4 are not used. When an older client connects to an upgraded server, the older algorithms are used.
Applies to: Servers
Default: No new options enabled.
|Goal||Enabled options||Notes.ini value|
|Current security best practices||
Note: If this setting causes server performance problems, disable Forward Secrecy by changing to the following value: PORT_ENC_ADV=68
|Minimum performance impact||
Description: Controls which cryptographic algorithm to use when constructing tickets.
Syntax: TICKET_ALG_SHA= value
where value represents one of the following algorithms:
|256||HMAC-SHA 256 (Enabled by default; no configuration needed.)|
Applies to: Servers
Use DEBUG_PORT_ENC_ADV=1 to see detail about the new algorithms and any errors encountered when using them.
Use LOG_AUTHENTICATION=1 to determine which authentication algorithms are being used. This setting has been enhanced to contain information about the new algorithms and to be easier to interpret.
T shows the ticket algorithm and key size
S shows the session (network encryption) algorithm and key size
FS shows the algorithm (if any) used for Forward Secrecy.
E, P, A, and L are unchanged from previous releases.