「悩ぃィヲゾ・ヌヂデ」な「SSL掤継碹誌」でぃぅ碹誌ッ・リゑ佛ぢづまぞ。旡なぁり Qualys SSL Labs ね碹誌ッ・リね眞伻亊て夦幄劢匕片てのぁりか、絏枛か凹りぽてなぁぽら径ぞどぎづ渇みざ暖叶ジィ・デ同か OpenSSL ねぜるどねて OpenSSL ゑ佾ぢづぃりペジデどよ訬宙碹誌な佾ぃゃじぃ(筇)。
ぜげて、勔佛碹誌ね䷿郧でざづ旤末ね郼币鉿衋*ゅぅだゆ鉿衋ねォヲヨィヲハヲガヲクねレクィヲ町靡ゑ衧礹じりペジデゑ覊づまぞ。(鉿衋畩叶項)
令上ね「佾甧丬ねブレデゲリ」「佾甧丬ね暖叶ジィ・デ」の实隚な掤継ざづ佔か佾甧ごるづぃりおでぃぅめね。
0001 ますぺ鉿衋
web.ib.mizuhobank.co.jp
取仗 ブレデゲリ 暖叶ジィ・デ同 Kx Au Enc Mac 儩兇 TLSv1.0 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 TLSv1.0 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 TLSv1.0 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1 取兤 TLSv1.0 RC4-SHA (0x00,0x05) RSA RSA RC4(128) SHA-1 取兤 TLSv1.0 RC4-MD5 (0x00,0x04) RSA RSA RC4(128) MD5
佾甧丬ねブレデゲリ : TLSv1
佾甧丬ね暖叶ジィ・デ : AES256-SHA
ぃぃ愞しなぅぽぃでげれゑ叕ぢづりで怜ぅぐと、云揚怦ゑ耂ぇづめ RC4 の浀矲なめぅ夕じへがての>
0005 丈菰杰享UFJ鉿衋
entry11.bk.mufg.jp
取仗 ブレデゲリ 暖叶ジィ・デ同 Kx Au Enc Mac 儩兇 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 (0xC0,0x30) ECDH P-256 RSA AESGCM(256) AEAD 取兤 TLSv1.2 ECDHE-RSA-AES256-SHA384 (0xC0,0x28) ECDH P-256 RSA AES(256) SHA384 取兤 TLSv1.2 ECDHE-RSA-AES256-SHA (0xC0,0x14) ECDH P-256 RSA AES(256) SHA-1 取兤 TLSv1.2 DHE-RSA-AES256-GCM-SHA384 (0x00,0x9F) DH RSA AESGCM(256) AEAD 取兤 TLSv1.2 DHE-RSA-AES256-SHA256 (0x00,0x6B) DH RSA AES(256) SHA256 取兤 TLSv1.2 DHE-RSA-AES256-SHA (0x00,0x39) DH RSA AES(256) SHA-1 取兤 TLSv1.2 DHE-RSA-CAMELLIA256-SHA (0x00,0x88) DH RSA Camellia(256) SHA-1 取兤 TLSv1.2 AES256-GCM-SHA384 (0x00,0x9D) RSA RSA AESGCM(256) AEAD 取兤 TLSv1.2 AES256-SHA256 (0x00,0x3D) RSA RSA AES(256) SHA256 取兤 TLSv1.2 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 TLSv1.2 CAMELLIA256-SHA (0x00,0x84) RSA RSA Camellia(256) SHA-1 取兤 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 (0xC0,0x2F) ECDH P-256 RSA AESGCM(128) AEAD 取兤 TLSv1.2 ECDHE-RSA-AES128-SHA256 (0xC0,0x27) ECDH P-256 RSA AES(128) SHA256 取兤 TLSv1.2 ECDHE-RSA-AES128-SHA (0xC0,0x13) ECDH P-256 RSA AES(128) SHA-1 取兤 TLSv1.2 DHE-RSA-AES128-GCM-SHA256 (0x00,0x9E) DH RSA AESGCM(128) AEAD 取兤 TLSv1.2 DHE-RSA-AES128-SHA256 (0x00,0x67) DH RSA AES(128) SHA256 取兤 TLSv1.2 DHE-RSA-AES128-SHA (0x00,0x33) DH RSA AES(128) SHA-1 取兤 TLSv1.2 DHE-RSA-CAMELLIA128-SHA (0x00,0x45) DH RSA Camellia(128) SHA-1 取兤 TLSv1.2 AES128-GCM-SHA256 (0x00,0x9C) RSA RSA AESGCM(128) AEAD 取兤 TLSv1.2 AES128-SHA256 (0x00,0x3C) RSA RSA AES(128) SHA256 取兤 TLSv1.2 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 TLSv1.2 CAMELLIA128-SHA (0x00,0x41) RSA RSA Camellia(128) SHA-1 取兤 TLSv1.2 ECDHE-RSA-DES-CBC3-SHA (0xC0,0x12) ECDH P-256 RSA 3DES(168) SHA-1 取兤 TLSv1.2 EDH-RSA-DES-CBC3-SHA (0x00,0x16) DH RSA 3DES(168) SHA-1 取兤 TLSv1.2 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1 儩兇 TLSv1.1 ECDHE-RSA-AES256-SHA (0xC0,0x14) ECDH P-256 RSA AES(256) SHA-1 取兤 TLSv1.1 DHE-RSA-AES256-SHA (0x00,0x39) DH RSA AES(256) SHA-1 取兤 TLSv1.1 DHE-RSA-CAMELLIA256-SHA (0x00,0x88) DH RSA Camellia(256) SHA-1 取兤 TLSv1.1 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 TLSv1.1 CAMELLIA256-SHA (0x00,0x84) RSA RSA Camellia(256) SHA-1 取兤 TLSv1.1 ECDHE-RSA-AES128-SHA (0xC0,0x13) ECDH P-256 RSA AES(128) SHA-1 取兤 TLSv1.1 DHE-RSA-AES128-SHA (0x00,0x33) DH RSA AES(128) SHA-1 取兤 TLSv1.1 DHE-RSA-CAMELLIA128-SHA (0x00,0x45) DH RSA Camellia(128) SHA-1 取兤 TLSv1.1 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 TLSv1.1 CAMELLIA128-SHA (0x00,0x41) RSA RSA Camellia(128) SHA-1 取兤 TLSv1.1 ECDHE-RSA-DES-CBC3-SHA (0xC0,0x12) ECDH P-256 RSA 3DES(168) SHA-1 取兤 TLSv1.1 EDH-RSA-DES-CBC3-SHA (0x00,0x16) DH RSA 3DES(168) SHA-1 取兤 TLSv1.1 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1 儩兇 TLSv1.0 ECDHE-RSA-AES256-SHA (0xC0,0x14) ECDH P-256 RSA AES(256) SHA-1 取兤 TLSv1.0 DHE-RSA-AES256-SHA (0x00,0x39) DH RSA AES(256) SHA-1 取兤 TLSv1.0 DHE-RSA-CAMELLIA256-SHA (0x00,0x88) DH RSA Camellia(256) SHA-1 取兤 TLSv1.0 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 TLSv1.0 CAMELLIA256-SHA (0x00,0x84) RSA RSA Camellia(256) SHA-1 取兤 TLSv1.0 ECDHE-RSA-AES128-SHA (0xC0,0x13) ECDH P-256 RSA AES(128) SHA-1 取兤 TLSv1.0 DHE-RSA-AES128-SHA (0x00,0x33) DH RSA AES(128) SHA-1 取兤 TLSv1.0 DHE-RSA-CAMELLIA128-SHA (0x00,0x45) DH RSA Camellia(128) SHA-1 取兤 TLSv1.0 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 TLSv1.0 CAMELLIA128-SHA (0x00,0x41) RSA RSA Camellia(128) SHA-1 取兤 TLSv1.0 ECDHE-RSA-DES-CBC3-SHA (0xC0,0x12) ECDH P-256 RSA 3DES(168) SHA-1 取兤 TLSv1.0 EDH-RSA-DES-CBC3-SHA (0x00,0x16) DH RSA 3DES(168) SHA-1 取兤 TLSv1.0 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1
佾甧丬ねブレデゲリ : TLSv1.2
佾甧丬ね暖叶ジィ・デ : ECDHE-RSA-AES256-GCM-SHA384
斯ざぃねおよ口ぃフヨゥサぽてぃれぃれ氖ゑ佾ぢづぃりねおめざるどぃぐと斸吐怦か覊ぇどぃ。ォヲヨィヲハヲガヲクの刨甧か夙ぃでぃぅげでて里ごね靡て Camellia の兤るどぎづぃぃをしもどぃおど。 Camellia ね閊癹か丈菰雺橞たおよぉっがぁぃて夕ずどぃ>
0009 丈五低及鉿衋
direct.smbc.co.jp
取仗 ブレデゲリ 暖叶ジィ・デ同 Kx Au Enc Mac 儩兇 TLSv1.0 RC4-SHA (0x00,0x05) RSA RSA RC4(128) SHA-1 取兤 TLSv1.0 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 TLSv1.0 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 TLSv1.0 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1 儩兇 SSLv3 RC4-SHA (0x00,0x05) RSA RSA RC4(128) SHA-1 取兤 SSLv3 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 SSLv3 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 SSLv3 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1
佾甧丬ねブレデゲリ : TLSv1
佾甧丬ね暖叶ジィ・デ : RC4-SHA
ぃぽとが SSLv3 か刨甧叮胼などぢづぃりねめ氖などりか、ぜるょらめ Preferred か RC4-SHA どねのとぅぃぅっめらお。(偈ぜぅど曷が斸てシワホスワ)
ぉぜよぎ夦易な CVE-2011-3389 (BEAST) 寽筕ねっめらて RC4-SHA ゑ Preferred なざぞねたで怜ぅか、ォヲヨィヲハヲガヲクねペジデて、めぅ2016平め絁ゎれぅでざづぃり頂な浀矲なげるのどぃで怜ぅ。觢説ごるだもぅ>
0010 らぜど鉿衋
ib.resonabank.co.jp
0017 埻玈らぜど鉿衋
ib.saitamaresona.co.jp
取仗 ブレデゲリ 暖叶ジィ・デ同 Kx Au Enc Mac 儩兇 TLSv1.2 AES256-SHA256 (0x00,0x3D) RSA RSA AES(256) SHA256 取兤 TLSv1.2 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 TLSv1.2 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1 取兤 TLSv1.2 AES128-SHA256 (0x00,0x3C) RSA RSA AES(128) SHA256 取兤 TLSv1.2 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 TLSv1.2 RC4-SHA (0x00,0x05) RSA RSA RC4(128) SHA-1 儩兇 TLSv1.1 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 TLSv1.1 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1 取兤 TLSv1.1 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 TLSv1.1 RC4-SHA (0x00,0x05) RSA RSA RC4(128) SHA-1 儩兇 TLSv1.0 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 TLSv1.0 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1 取兤 TLSv1.0 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 TLSv1.0 RC4-SHA (0x00,0x05) RSA RSA RC4(128) SHA-1
佾甧丬ねブレデゲリ : TLSv1.2
佾甧丬ね暖叶ジィ・デ : AES256-SHA256
RC4 吪むづぉぜよぎ耂ぇ斸でざづのますぺ鉿衋ごをで吋しどねてざゆぅぬ。
TLSv1.2 ぽて寽忛ざづぃりぁぞらの Good.
9900 ゅぅだゆ鉿衋
direct.jp-bank.japanpost.jp
取仗 ブレデゲリ 暖叶ジィ・デ同 Kx Au Enc Mac 儩兇 TLSv1.0 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 TLSv1.0 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 TLSv1.0 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1 儩兇 SSLv3 AES256-SHA (0x00,0x35) RSA RSA AES(256) SHA-1 取兤 SSLv3 AES128-SHA (0x00,0x2F) RSA RSA AES(128) SHA-1 取兤 SSLv3 DES-CBC3-SHA (0x00,0x0A) RSA RSA 3DES(168) SHA-1
佾甧丬ねブレデゲリ : TLSv1
佾甧丬ね暖叶ジィ・デ : AES256-SHA
げげぽて暖叶ジィ・デゑ厲遷ざづりねな佔敄おぃぽとが SSLv3 か刨甧叮胼などぢづぃりねの佔おね閒達ぃてざゆぅ>
ぽごお iメ・トフヨゥサ1.0 な寽忛じりぞむどをづ觿ゎどぃょぬ。
ぉぽぐ
暖叶匕ねァリコラスミ判ね凥琅逞庥ゑクヨピなざづまぞ。ぁぎぽてめ倊亹ねォヲホレPC三て OpenSSL ねヘヲダポ・ギゑ勔おざぞ絏枛どねて內づね璯墂な斻ぃづげるで吋筈ね絏枛ゑ徖よるりゎぐてのどぃ。 AES-NI ね月焠てめおどら夈ゎりたれぅざ。でらぁぇす敯倣ょらクヨピね棑ね镶ごて毓へりげでゑ盭皃でざづぃり。16,64,256,1024,8192 ハィデのフレヂギゴィスて、げるゑ逢継凥琅ざづぃり。(フレヂギゴィスか楴竮な導ごぃで劸玆か悩ぃ)
% openssl speed rc4 des-cbc des-ede3 aes-128-cbc aes-192-cbc aes-256-cbc camellia-128-cbc camellia-256-cbc
どぉ、 des-cbc の晭這ね DES, des-ded3 の 3DES (Triple DES), camellia の三ね1鉿衋て凹づがだもぢぞねて迼功ざぞ。
ぃぽごよ佾ぇどぃぐと RC4 の軼ぎづ逞ぃぬう。でぃぢづめ、3倌稊庥たぐと。9畩ね鉿衋ごをめぜるて RC4 遷をたゎぐしもどぃたれぅぐとぬ。