Topic: What does the Bar Mitzvah Attack mean for wolfSSL users?
This attack is based on the weak keys that the outdated stream cipher RC4 can sometimes generate. Simply put, stop using RC4 in TLS connections. In fact, wolfSSL (formerly CyaSSL) recently turned off the RC4 algorithm at build time. This will be the default starting with the upcoming 3.4.6 release. There has certainly been a pattern in the attacks that we’ve seen on TLS in the last few years; older Protocol versions, older modes, and older key sizes. We suggest using TLS 1.2 with AEAD ciphers and forward secrecy. Some people can’t get away with that in the interest of interoperability but it’s certainly the safest way forward that we can think of. Please contact us with any questions.
Feel free to visit our website at wolfssl.com or email us at firstname.lastname@example.org.