日本の大銀行のSSL対応状況

悩ぃィヲゾ・ヌヂデ」な「SSL掤継碹誌」でぃぅ碹誌ッ・リゑ佛ぢづまぞ。旡なぁり Qualys SSL Labs ね碹誌ッ・リね眞伻亊て夦幄劢匕片てのぁりか、絏枛か凹りぽてなぁぽら径ぞどぎづ渇みざ暖叶ジィ・デ同か OpenSSL ねぜるどねて OpenSSL ゑ佾ぢづぃりペジデどよ訬宙碹誌な佾ぃゃじぃ(筇)。

ぜげて、勔佛碹誌ね䷿郧でざづ旤末ね郼币鉿衋*ゅぅだゆ鉿衋ねォヲヨィヲハヲガヲクねレクィヲ町靡ゑ衧礹じりペジデゑ覊づまぞ。(鉿衋畩叶項)

令上ね「佾甧丬ねブレデゲリ」「佾甧丬ね暖叶ジィ・デ」の实隚な掤継ざづ佔か佾甧ごるづぃりおでぃぅめね。

0001 ますぺ鉿衋

web.ib.mizuhobank.co.jp

取仗 ブレデゲリ	暖叶ジィ・デ同		Kx	Au	Enc		Mac
儩兇 TLSv1.0 AES256-SHA (0x00,0x35)	RSA	RSA	AES(256)	SHA-1
取兤 TLSv1.0 AES128-SHA (0x00,0x2F)	RSA	RSA	AES(128)	SHA-1
取兤 TLSv1.0 DES-CBC3-SHA (0x00,0x0A)	RSA	RSA	3DES(168)	SHA-1
取兤 TLSv1.0 RC4-SHA (0x00,0x05)	RSA	RSA	RC4(128)	SHA-1
取兤 TLSv1.0 RC4-MD5 (0x00,0x04)	RSA	RSA	RC4(128)	MD5

佾甧丬ねブレデゲリ : TLSv1
佾甧丬ね暖叶ジィ・デ : AES256-SHA

ぃぃ愞しなぅぽぃでげれゑ叕ぢづりで怜ぅぐと、云揚怦ゑ耂ぇづめ RC4 の浀矲なめぅ夕じへがての>

0005 丈菰杰享UFJ鉿衋

entry11.bk.mufg.jp

取仗 ブレデゲリ	暖叶ジィ・デ同				Kx		Au	Enc		Mac
儩兇 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 (0xC0,0x30)	ECDH	P-256	RSA	AESGCM(256)	AEAD
取兤 TLSv1.2 ECDHE-RSA-AES256-SHA384 (0xC0,0x28)	ECDH	P-256	RSA	AES(256)	SHA384
取兤 TLSv1.2 ECDHE-RSA-AES256-SHA (0xC0,0x14)		ECDH	P-256	RSA	AES(256)	SHA-1
取兤 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 (0x00,0x9F)	DH		RSA	AESGCM(256)	AEAD
取兤 TLSv1.2 DHE-RSA-AES256-SHA256 (0x00,0x6B)		DH		RSA	AES(256)	SHA256
取兤 TLSv1.2 DHE-RSA-AES256-SHA (0x00,0x39)		DH		RSA	AES(256)	SHA-1
取兤 TLSv1.2 DHE-RSA-CAMELLIA256-SHA (0x00,0x88)	DH		RSA	Camellia(256)	SHA-1
取兤 TLSv1.2 AES256-GCM-SHA384 (0x00,0x9D)		RSA		RSA	AESGCM(256)	AEAD
取兤 TLSv1.2 AES256-SHA256 (0x00,0x3D)			RSA		RSA	AES(256)	SHA256
取兤 TLSv1.2 AES256-SHA (0x00,0x35)			RSA		RSA	AES(256)	SHA-1
取兤 TLSv1.2 CAMELLIA256-SHA (0x00,0x84)		RSA		RSA	Camellia(256)	SHA-1
取兤 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 (0xC0,0x2F)	ECDH	P-256	RSA	AESGCM(128)	AEAD
取兤 TLSv1.2 ECDHE-RSA-AES128-SHA256 (0xC0,0x27)	ECDH	P-256	RSA	AES(128)	SHA256
取兤 TLSv1.2 ECDHE-RSA-AES128-SHA (0xC0,0x13)		ECDH	P-256	RSA	AES(128)	SHA-1
取兤 TLSv1.2 DHE-RSA-AES128-GCM-SHA256 (0x00,0x9E)	DH		RSA	AESGCM(128)	AEAD
取兤 TLSv1.2 DHE-RSA-AES128-SHA256 (0x00,0x67)		DH		RSA	AES(128)	SHA256
取兤 TLSv1.2 DHE-RSA-AES128-SHA (0x00,0x33)		DH		RSA	AES(128)	SHA-1
取兤 TLSv1.2 DHE-RSA-CAMELLIA128-SHA (0x00,0x45)	DH		RSA	Camellia(128)	SHA-1
取兤 TLSv1.2 AES128-GCM-SHA256 (0x00,0x9C)		RSA		RSA	AESGCM(128)	AEAD
取兤 TLSv1.2 AES128-SHA256 (0x00,0x3C)			RSA		RSA	AES(128)	SHA256
取兤 TLSv1.2 AES128-SHA (0x00,0x2F)			RSA		RSA	AES(128)	SHA-1
取兤 TLSv1.2 CAMELLIA128-SHA (0x00,0x41)		RSA		RSA	Camellia(128)	SHA-1
取兤 TLSv1.2 ECDHE-RSA-DES-CBC3-SHA (0xC0,0x12)		ECDH	P-256	RSA	3DES(168)	SHA-1
取兤 TLSv1.2 EDH-RSA-DES-CBC3-SHA (0x00,0x16)		DH		RSA	3DES(168)	SHA-1
取兤 TLSv1.2 DES-CBC3-SHA (0x00,0x0A)			RSA		RSA	3DES(168)	SHA-1
儩兇 TLSv1.1 ECDHE-RSA-AES256-SHA (0xC0,0x14)		ECDH	P-256	RSA	AES(256)	SHA-1
取兤 TLSv1.1 DHE-RSA-AES256-SHA (0x00,0x39)		DH		RSA	AES(256)	SHA-1
取兤 TLSv1.1 DHE-RSA-CAMELLIA256-SHA (0x00,0x88)	DH		RSA	Camellia(256)	SHA-1
取兤 TLSv1.1 AES256-SHA (0x00,0x35)			RSA		RSA	AES(256)	SHA-1
取兤 TLSv1.1 CAMELLIA256-SHA (0x00,0x84)		RSA		RSA	Camellia(256)	SHA-1
取兤 TLSv1.1 ECDHE-RSA-AES128-SHA (0xC0,0x13)		ECDH	P-256	RSA	AES(128)	SHA-1
取兤 TLSv1.1 DHE-RSA-AES128-SHA (0x00,0x33)		DH		RSA	AES(128)	SHA-1
取兤 TLSv1.1 DHE-RSA-CAMELLIA128-SHA (0x00,0x45)	DH		RSA	Camellia(128)	SHA-1
取兤 TLSv1.1 AES128-SHA (0x00,0x2F)			RSA		RSA	AES(128)	SHA-1
取兤 TLSv1.1 CAMELLIA128-SHA (0x00,0x41)		RSA		RSA	Camellia(128)	SHA-1
取兤 TLSv1.1 ECDHE-RSA-DES-CBC3-SHA (0xC0,0x12)		ECDH	P-256	RSA	3DES(168)	SHA-1
取兤 TLSv1.1 EDH-RSA-DES-CBC3-SHA (0x00,0x16)		DH		RSA	3DES(168)	SHA-1
取兤 TLSv1.1 DES-CBC3-SHA (0x00,0x0A)			RSA		RSA	3DES(168)	SHA-1
儩兇 TLSv1.0 ECDHE-RSA-AES256-SHA (0xC0,0x14)		ECDH	P-256	RSA	AES(256)	SHA-1
取兤 TLSv1.0 DHE-RSA-AES256-SHA (0x00,0x39)		DH		RSA	AES(256)	SHA-1
取兤 TLSv1.0 DHE-RSA-CAMELLIA256-SHA (0x00,0x88)	DH		RSA	Camellia(256)	SHA-1
取兤 TLSv1.0 AES256-SHA (0x00,0x35)			RSA		RSA	AES(256)	SHA-1
取兤 TLSv1.0 CAMELLIA256-SHA (0x00,0x84)		RSA		RSA	Camellia(256)	SHA-1
取兤 TLSv1.0 ECDHE-RSA-AES128-SHA (0xC0,0x13)		ECDH	P-256	RSA	AES(128)	SHA-1
取兤 TLSv1.0 DHE-RSA-AES128-SHA (0x00,0x33)		DH		RSA	AES(128)	SHA-1
取兤 TLSv1.0 DHE-RSA-CAMELLIA128-SHA (0x00,0x45)	DH		RSA	Camellia(128)	SHA-1
取兤 TLSv1.0 AES128-SHA (0x00,0x2F)			RSA		RSA	AES(128)	SHA-1
取兤 TLSv1.0 CAMELLIA128-SHA (0x00,0x41)		RSA		RSA	Camellia(128)	SHA-1
取兤 TLSv1.0 ECDHE-RSA-DES-CBC3-SHA (0xC0,0x12)		ECDH	P-256	RSA	3DES(168)	SHA-1
取兤 TLSv1.0 EDH-RSA-DES-CBC3-SHA (0x00,0x16)		DH		RSA	3DES(168)	SHA-1
取兤 TLSv1.0 DES-CBC3-SHA (0x00,0x0A)			RSA		RSA	3DES(168)	SHA-1

佾甧丬ねブレデゲリ : TLSv1.2
佾甧丬ね暖叶ジィ・デ : ECDHE-RSA-AES256-GCM-SHA384

斯ざぃねおよ口ぃフヨゥサぽてぃれぃれ氖ゑ佾ぢづぃりねおめざるどぃぐと斸吐怦か覊ぇどぃ。ォヲヨィヲハヲガヲクの刨甧か夙ぃでぃぅげでて里ごね靡て Camellia の兤るどぎづぃぃをしもどぃおど。 Camellia ね閊癹か丈菰雺橞たおよぉっがぁぃて夕ずどぃ>

0009 丈五低及鉿衋

direct.smbc.co.jp

取仗 ブレデゲリ	暖叶ジィ・デ同		Kx	Au	Enc		Mac
儩兇 TLSv1.0 RC4-SHA (0x00,0x05)	RSA	RSA	RC4(128)	SHA-1
取兤 TLSv1.0 AES128-SHA (0x00,0x2F)	RSA	RSA	AES(128)	SHA-1
取兤 TLSv1.0 AES256-SHA (0x00,0x35)	RSA	RSA	AES(256)	SHA-1
取兤 TLSv1.0 DES-CBC3-SHA (0x00,0x0A)	RSA	RSA	3DES(168)	SHA-1
儩兇 SSLv3 RC4-SHA (0x00,0x05)		RSA	RSA	RC4(128)	SHA-1
取兤 SSLv3 AES128-SHA (0x00,0x2F)	RSA	RSA	AES(128)	SHA-1
取兤 SSLv3 AES256-SHA (0x00,0x35)	RSA	RSA	AES(256)	SHA-1
取兤 SSLv3 DES-CBC3-SHA (0x00,0x0A)	RSA	RSA	3DES(168)	SHA-1

佾甧丬ねブレデゲリ : TLSv1
佾甧丬ね暖叶ジィ・デ : RC4-SHA

ぃぽとが SSLv3 か刨甧叮胼などぢづぃりねめ氖などりか、ぜるょらめ Preferred か RC4-SHA どねのとぅぃぅっめらお。(偈ぜぅど曷が斸てシワホスワ)
ぉぜよぎ夦易な CVE-2011-3389 (BEAST) 寽筕ねっめらて RC4-SHA ゑ Preferred なざぞねたで怜ぅか、ォヲヨィヲハヲガヲクねペジデて、めぅ2016平め絁ゎれぅでざづぃり頂な浀矲なげるのどぃで怜ぅ。觢説ごるだもぅ>

0010 らぜど鉿衋

ib.resonabank.co.jp
0017 埻玈らぜど鉿衋
ib.saitamaresona.co.jp

取仗 ブレデゲリ	暖叶ジィ・デ同		Kx	Au	Enc		Mac
儩兇 TLSv1.2 AES256-SHA256 (0x00,0x3D)	RSA	RSA	AES(256)	SHA256
取兤 TLSv1.2 AES256-SHA (0x00,0x35)	RSA	RSA	AES(256)	SHA-1
取兤 TLSv1.2 DES-CBC3-SHA (0x00,0x0A)	RSA	RSA	3DES(168)	SHA-1
取兤 TLSv1.2 AES128-SHA256 (0x00,0x3C)	RSA	RSA	AES(128)	SHA256
取兤 TLSv1.2 AES128-SHA (0x00,0x2F)	RSA	RSA	AES(128)	SHA-1
取兤 TLSv1.2 RC4-SHA (0x00,0x05)	RSA	RSA	RC4(128)	SHA-1
儩兇 TLSv1.1 AES256-SHA (0x00,0x35)	RSA	RSA	AES(256)	SHA-1
取兤 TLSv1.1 DES-CBC3-SHA (0x00,0x0A)	RSA	RSA	3DES(168)	SHA-1
取兤 TLSv1.1 AES128-SHA (0x00,0x2F)	RSA	RSA	AES(128)	SHA-1
取兤 TLSv1.1 RC4-SHA (0x00,0x05)	RSA	RSA	RC4(128)	SHA-1
儩兇 TLSv1.0 AES256-SHA (0x00,0x35)	RSA	RSA	AES(256)	SHA-1
取兤 TLSv1.0 DES-CBC3-SHA (0x00,0x0A)	RSA	RSA	3DES(168)	SHA-1
取兤 TLSv1.0 AES128-SHA (0x00,0x2F)	RSA	RSA	AES(128)	SHA-1
取兤 TLSv1.0 RC4-SHA (0x00,0x05)	RSA	RSA	RC4(128)	SHA-1

佾甧丬ねブレデゲリ : TLSv1.2
佾甧丬ね暖叶ジィ・デ : AES256-SHA256

RC4 吪むづぉぜよぎ耂ぇ斸でざづのますぺ鉿衋ごをで吋しどねてざゆぅぬ。
TLSv1.2 ぽて寽忛ざづぃりぁぞらの Good.

9900 ゅぅだゆ鉿衋

direct.jp-bank.japanpost.jp

取仗 ブレデゲリ	暖叶ジィ・デ同		Kx	Au	Enc		Mac
儩兇 TLSv1.0 AES256-SHA (0x00,0x35)	RSA	RSA	AES(256)	SHA-1
取兤 TLSv1.0 AES128-SHA (0x00,0x2F)	RSA	RSA	AES(128)	SHA-1
取兤 TLSv1.0 DES-CBC3-SHA (0x00,0x0A)	RSA	RSA	3DES(168)	SHA-1
儩兇 SSLv3   AES256-SHA (0x00,0x35)	RSA	RSA	AES(256)	SHA-1
取兤 SSLv3   AES128-SHA (0x00,0x2F)	RSA	RSA	AES(128)	SHA-1
取兤 SSLv3   DES-CBC3-SHA (0x00,0x0A)	RSA	RSA	3DES(168)	SHA-1

佾甧丬ねブレデゲリ : TLSv1
佾甧丬ね暖叶ジィ・デ : AES256-SHA

げげぽて暖叶ジィ・デゑ厲遷ざづりねな佔敄おぃぽとが SSLv3 か刨甧叮胼などぢづぃりねの佔おね閒達ぃてざゆぅ>
ぽごお iメ・トフヨゥサ1.0 な寽忛じりぞむどをづ觿ゎどぃょぬ。

ぉぽぐ

暖叶匕ァリコラスミ判凥琅逞庥毓輂
暖叶匕ねァリコラスミ判ね凥琅逞庥ゑクヨピなざづまぞ。ぁぎぽてめ倊亹ねォヲホレPC三て OpenSSL ねヘヲダポ・ギゑ勔おざぞ絏枛どねて內づね璯墂な斻ぃづげるで吋筈ね絏枛ゑ徖よるりゎぐてのどぃ。 AES-NI ね月焠てめおどら夈ゎりたれぅざ。でらぁぇす敯倣ょらクヨピね棑ね镶ごて毓へりげでゑ盭皃でざづぃり。16,64,256,1024,8192 ハィデのフレヂギゴィスて、げるゑ逢継凥琅ざづぃり。(フレヂギゴィスか楴竮な導ごぃで劸玆か悩ぃ)

%  openssl speed rc4 des-cbc des-ede3 aes-128-cbc aes-192-cbc aes-256-cbc camellia-128-cbc camellia-256-cbc

どぉ、 des-cbc の晭這ね DES, des-ded3 の 3DES (Triple DES), camellia の三ね1鉿衋て凹づがだもぢぞねて迼功ざぞ。

ぃぽごよ佾ぇどぃぐと RC4 の軼ぎづ逞ぃぬう。でぃぢづめ、3倌稊庥たぐと。9畩ね鉿衋ごをめぜるて RC4 遷をたゎぐしもどぃたれぅぐとぬ。