Sweet32 attack (DES, 3DES)

Warning

This resource is maintained for historical reference and does not contain the latest vulnerability info for Python.

The canonical database for vulnerabilities affecting Python is available on GitHub in the Open Source Vulnerability (OSV) format. This vulnerability can be viewed online at the Open Source Vulnerability Database.

Remove 3DES from ssl default cipher list.

Sweet32 vulnerability found by Karthik Bhargavan and Gaetan Leurent from the INRIA.

Dates:

• Disclosure date: 2016-08-24 (end of the Sweet32 embargo)
• Reported by: Karthik Bhargavan and Gaetan Leurent (Sweet32)

Fixed In

• Python 2.7.13 (2016-12-17) fixed by commit d988f42 (branch 2.7) (2016-09-06)
• Python 3.4.7 (2017-08-09) fixed by commit fa53dbd (branch 3.4) (2017-03-10)
• Python 3.5.3 (2017-01-16) fixed by commit 03d13c0 (branch 3.5) (2016-09-06)
• Python 3.6.0 (2016-12-22) fixed by commit 03d13c0 (branch 3.5) (2016-09-06)

Python issue

Remove 3DES from cipher list (sweet32 CVE-2016-2183).

• Python issue: bpo-27850
• Creation date: 2016-08-24
• Reporter: Christian Heimes

CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a “Sweet32” attack.

• CVE ID: CVE-2016-2183
• Published: 2016-09-01
• CVSS Score: 5.0

Timeline

Timeline using the disclosure date 2016-08-24 as reference:

• 2016-08-24: Disclosure date (end of the Sweet32 embargo)
• 2016-08-24: Python issue bpo-27850 reported by Christian Heimes
• 2016-09-01 (+8 days): CVE-2016-2183 published
• 2016-09-06 (+13 days): commit 03d13c0 (branch 3.5)
• 2016-09-06 (+13 days): commit d988f42 (branch 2.7)
• 2016-12-17 (+115 days): Python 2.7.13 released
• 2016-12-22: Python 3.6.0 released
• 2017-01-16 (+145 days): Python 3.5.3 released
• 2017-03-10 (+198 days): commit fa53dbd (branch 3.4)
• 2017-08-09 (+350 days): Python 3.4.7 released

Links

• https://sweet32.info/
• https://www.openssl.org/blog/blog/2016/08/24/sweet32/