Microsoft introduced new set of ciphers, in their update KB2919355, which is applicable to Windows 8.1 and Windows Server 2012 R2 operating systems.
The following cipher suites are enabled and in this priority order by default by the Microsoft Schannel Provider:
Cipher suite string | Allowed by SCH_USE_STRONG_CRYPTO | TLS/SSL | Protocol Versions |
---|---|---|---|
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 | Yes | TLS | 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 | Yes | TLS | 1.2 |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 | Yes | TLS | 1.2 |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 | Yes | TLS | 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256 | Yes | TLS | 1.0, 1.1, 1.2 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 | Yes | TLS | 1.0, 1.1, 1.2 |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 | Yes | TLS | 1.0, 1.1, 1.2 |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 | Yes | TLS | 1.0, 1.1, 1.2 |
Receiver for Windows 4.7, Receiver for Mac 12.5, Receiver for Android 3.12.2/3.12.3 and Receiver for Linux 13.6 introduce these ECDHE ciphers which trigger this defect.
• TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 and
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Install KB2919355 on all Windows 8.1 client machines.
The issue is due to a defect in some builds of NetScaler where SSL handshake fails if a client hello message includes an ECC extension but the NetScaler appliance does not support any of the ECDHE ciphers in the cipher list sent by the client. The handshake fails even if the list contains some non-ECDHE ciphers that are supported.