During a web-application penetration test, you run nmap --script ssl-enum-ciphers -p 443 against the target host. The script shows a single supported cipher suite:
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519)
No other suites are offered. As the tester, which cryptographic weakness should you document, and what mitigation should you recommend?
The x25519 elliptic curve is obsolete and insecure; mandate using the secp256r1 curve instead.
The 128-bit AES key length is now considered weak; require only 256-bit AES cipher suites.
The suite relies on CBC with a separate HMAC (MAC-then-Encrypt), leaving it exposed to CBC-specific attacks such as BEAST and Lucky Thirteen; advise enabling AEAD cipher suites (AES-GCM or ChaCha20-Poly1305).
It uses RSA for key exchange, so it lacks forward secrecy; recommend replacing it with DHE or ECDHE-based suites.
The correct finding is the CBC / MAC-then-Encrypt construction. Reading the suite name from left to right: ECDHE over the x25519 curve (the "(ecdh_x25519)" nmap prints) performs the key exchange, RSA only signs the handshake for server authentication, and the record layer protects data with AES-128 in CBC mode plus a separate HMAC-SHA1 tag computed before encryption. That construction is what BEAST (predictable CBC IVs in TLS 1.0), POODLE (SSL 3.0's unchecked padding) and Lucky Thirteen (a timing side channel in TLS padding and MAC checking) exploited; each attacks the padding or MAC-verification stage, not AES itself. AEAD suites (AES-GCM, AES-CCM, ChaCha20-Poly1305) provide confidentiality and integrity in one operation with no padding, so this class of flaw does not apply, and TLS 1.3 defines nothing else. The recommendation is to enable AEAD suites, prefer them in server order, and retire the CBC suites once clients are confirmed to negotiate the new ones.

The distractors fail on the facts: ECDHE already supplies forward secrecy (the RSA in the name is the signature algorithm, not the key exchange), AES-128 remains secure and approved, and x25519 is a current, widely recommended curve, not a deprecated one. One caveat worth recording in the report: ssl-enum-ciphers lists suites per protocol version, so note which versions accept this suite. A CBC suite on TLS 1.2 with a constant-time implementation is a hardening finding; the same suite on SSL 3.0 or TLS 1.0 is directly exploitable by POODLE or BEAST and should be rated accordingly.
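As an added example (not part of the original question and not nmap's own code), here is a small Python triage script that parses ssl-enum-ciphers output in the layout above and classifies every offered suite on the three axes the answer options argue about: forward secrecy of the key exchange, AEAD versus CBC MAC-then-Encrypt record protection, and effective key strength. It generalises beyond the single suite in the question to static-RSA, anonymous, 3DES and TLS 1.3 suites. The scan text in SAMPLE_NMAP_OUTPUT is constructed, not from a real host, and the function and class names are the example's own assumptions.

```python
"""Triage nmap ssl-enum-ciphers output: classify each offered suite by key
exchange, record protection and key strength, then derive mitigations.
Added example, not from the original page; the scan text is constructed."""
from __future__ import annotations
import re
from dataclasses import dataclass, field

# Constructed sample in the layout ssl-enum-ciphers prints; not a real scan.
SAMPLE_NMAP_OUTPUT = """\
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors:
|       NULL
|     cipher preference: server
|_  least strength: C
"""

PROTO_RE = re.compile(r"^\|\s+(SSLv3|TLSv1\.\d):")
SUITE_RE = re.compile(r"^\|\s+(TLS_[A-Z0-9_]+)\s+\(([^)]*)\)(?:\s+-\s+(\w+))?")
LEGACY_PROTOCOLS = ("SSLv3", "TLSv1.0", "TLSv1.1")


@dataclass
class SuiteFinding:
    protocol: str
    name: str
    kx_params: str          # "ecdh_x25519" or "rsa 2048", as nmap prints it
    forward_secrecy: bool
    aead: bool
    key_bits: int           # effective symmetric strength
    issues: list[str] = field(default_factory=list)


def classify(protocol: str, name: str, kx_params: str) -> SuiteFinding:
    """Derive a suite's security properties from its IANA-style name."""
    if "_WITH_" in name:
        kx, bulk = name.split("_WITH_", 1)
    else:   # IANA TLS 1.3 names (TLS_AES_128_GCM_SHA256) carry no key exchange
        kx, bulk = "TLS_AKE", name[len("TLS_"):]
    # TLS 1.3 (nmap prints TLS_AKE_WITH_...) and every DHE/ECDHE suite are ephemeral.
    forward_secrecy = kx == "TLS_AKE" or "DHE" in kx
    anonymous = "anon" in kx.lower()
    aead = any(tag in bulk for tag in ("GCM", "CCM", "POLY1305"))
    size = re.search(r"(?:AES|RC4|CAMELLIA|ARIA)_(\d+)", bulk)
    if "CHACHA20" in bulk:
        key_bits = 256
    elif "3DES" in bulk:
        key_bits = 112      # effective strength of 3DES, not the nominal 168
    elif size:
        key_bits = int(size.group(1))
    else:
        key_bits = 0        # NULL, single DES, RC2, export grade: all unacceptable

    f = SuiteFinding(protocol, name, kx_params, forward_secrecy, aead, key_bits)
    if protocol in LEGACY_PROTOCOLS:
        f.issues.append(f"{protocol} is deprecated")
    if anonymous:
        f.issues.append("anonymous key exchange: no server authentication")
    elif not forward_secrecy:
        f.issues.append("static RSA/DH key exchange: no forward secrecy")
    if "CBC" in bulk:
        f.issues.append("CBC MAC-then-Encrypt: BEAST/Lucky Thirteen class attacks")
    elif not aead:
        f.issues.append("non-AEAD record protection")
    if "RC4" in bulk or "NULL" in bulk:
        f.issues.append("broken or null cipher")
    if key_bits < 128:
        f.issues.append(f"effective key strength {key_bits} bits is below 128")
    return f


def parse_report(text: str) -> list[SuiteFinding]:
    """Walk the script output, tracking which protocol block a suite sits in."""
    findings, protocol = [], None
    for line in text.splitlines():
        pm = PROTO_RE.match(line)
        if pm:
            protocol = pm.group(1)
            continue
        sm = SUITE_RE.match(line)
        if sm and protocol:
            findings.append(classify(protocol, sm.group(1), sm.group(2)))
    return findings


def recommend(findings: list[SuiteFinding]) -> list[str]:
    """Turn the per-suite issues into the mitigation lines a report would carry."""
    recs = []
    if any(not f.aead for f in findings):
        recs.append("Restrict record protection to AEAD suites (AES-GCM, AES-CCM or ChaCha20-Poly1305).")
    if any(not f.forward_secrecy for f in findings):
        recs.append("Offer only ephemeral key exchange (ECDHE or DHE); drop static RSA/DH suites.")
    if any(f.protocol in LEGACY_PROTOCOLS for f in findings):
        recs.append("Disable SSLv3, TLS 1.0 and TLS 1.1; serve TLS 1.2 and TLS 1.3 only.")
    if any(f.key_bits < 128 for f in findings):
        recs.append("Remove 3DES, RC4, export and NULL suites; AES-128 is the minimum.")
    if not any(f.aead and f.forward_secrecy and not f.issues for f in findings):
        recs.append("No suite meets the AEAD plus forward-secrecy baseline; add one before removing the rest.")
    return recs


if __name__ == "__main__":
    found = parse_report(SAMPLE_NMAP_OUTPUT)
    for f in found:
        print(f"{f.protocol} {f.name}: {'; '.join(f.issues) or 'OK'}")
    for r in recommend(found):
        print("-", r)
```

Run against the question's single suite, classify() returns exactly one issue (the CBC construction) with forward_secrecy True and key_bits 128, and recommend() adds a warning that no AEAD-plus-ECDHE suite exists yet; against the constructed sample it separates the forward-secrecy problem of the static-RSA suite from the CBC problem of the ECDHE suite, which is the distinction the distractors blur.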
Certified Ethical Hacker (CEH)
Cryptography