Encryption Smackdown: PlayStation 4 vs. Xbox One! (SecurityWeek)

PS4 vs XBOX Encryption

Ladies and Gentlemen! Gamers and Cryptoheads! Have you ever wondered which major gaming console has the best message encryption? Well, I’m going to reveal the clear winner in my own recent personal test.

This is a follow-up to one of my more popular SecurityWeek articles, “Paris Attacks: What Kind of Encryption Does the PlayStation 4 Use, Anyway?” If you recall, in the hours after the 2015 Paris attacks, there was a rumor that the terrorists were using PlayStations to communicate with each other. That turned out to be fake news (they were just using burner phones) but the rumor intrigued me. I sniffed my PS4 message traffic, analyzed it, and ultimately concluded the PS4 had not terrible consumer grade encryption. Sony has improved their message security since then, but by how much?

For the encryption smackdown, my colleague, Benjamin Guité, has all the modern consoles. He hooked both his PS4 and his Xbox One into a managed switch and tapped the message traffic between each console and their respective messaging servers. The PS4 appears to use an AWS-hosted messaging server, us­ntl.np.community.playstation.net, and the Xbox appears to use messenger.live.com as its server (which one would assume is hosted in Azure).

TLS Protocol Preference: Same

In 2015, the PS4 message servers preferred TLS 1.0 instead of the newer TLS 1.2 protocol. Today, both PlayStation and Xbox One consoles connect to their cloud-based messaging servers using TLS 1.2, as you’d expect. 

Forward Secrecy Winner: Xbox One

Forward secrecy is the cryptographic technique used to secure a connection such that only the two endpoints can communicate securely; even if a third party has private key associated to the server, it cannot decrypt the ciphertext. 

Forward secrecy has enjoyed massive popularity in the crypto community over the last three years and it is even required in the forthcoming TLS 1.3 protocol. Forward secrecy is noted by the use of a Diffie-Helman key exchange. In a Wireshark capture, you’ll see these as DHE or ECDHE.

PS4 vs. XBOX Encryption

Symmetric Key Winner: Xbox One

The PlayStation 4 system elects the cipher TLS_RSA_WITH_AES_128_CBC_SHA256. There’s nothing really wrong with 128-bit AES or 256-bit SHA, but the Xbox goes an extra step, using 256-bit AES and a 384-bit SHA. Most of the Internet has moved on from CBC ciphers to the faster and cooler counter-mode (_GCM_) ciphers, and one would expect the consoles to do the same in the future.

Certificate Winner: Xbox One

In 2015, PlayStation messaging servers were still using certificates with a SHA-1 signature. That’s a no-no today, and it’s good to see that Sony has upgraded since then. Their latest certificate has a SHA2 signature, just like Microsoft’s messaging server.

However, the Xbox messaging server supports OCSP stapling, which provides recent certificate revocation information to the console without the requirement of a separate connection. Whether or not the console actually uses that information is beyond me, but the fact that the server supports it is a huge plus. So, the winner for certificate support is Microsoft.

SSL Server Score Winner: Xbox One

The Qualys SSL Labs server test gives out letter grades indicating the relative security posture for SSL/TLS servers. The Sony servers, unfortunately, get a very low grade due their vulnerability to a CBC padding oracle attack, CVE-2016-2108.

SSL Report for XBOX Live

Microsoft’s messaging servers, on the other hand, get a near-perfect letter grade, so the Xbox One is definitely the clear winner here. Microsoft has a long history with security, and their experience shows in their superior messaging encryption.

PS4 vs. XBOX Live Encryption Usage Traffic

So, Kudos to Microsoft’s Xbox One console, which is the clear winner in this Encryption Smackdown!

Related ReportSSL/TLS Telemetry Report 2016

David Holmes is an evangelist for

F5 Networks

‘ security solutions, with an emphasis on distributed denial of service attacks, cryptography and firewall technology. He has spoken at conferences such as RSA, InfoSec and Gartner Data Center. Holmes has authored white papers on security topics from the modern DDoS threat spectrum to new paradigms of firewall management. Since joining F5 in 2001, Holmes has helped design system and core security features of F5’s Traffic Management Operating System (TMOS). Prior to joining F5, Holmes served as Vice President of Engineering at Dvorak Development. With more than 20 years of experience in security and product engineering, Holmes has contributed to security-related open source software projects such as OpenSSL. Follow David Holmes on twitter

@Dholmesf5

.

Previous Columns by David Holmes:

Tags:

Source: SANS ISC SecNewsFeed @ March 1, 2017 at 05:30AM

0
Share