CipherSuite for TLS 1.0 security issue in JXTA?
It looks like no cipher suite is specified by JXTA when creating a TLS 1.0 connection. This tacitly implies that the cipher suite that will be used depends on what both peers will agree on. It also means that it will depend on which cipher suites each peer supports (i.e., has implemented).
Some of the authorized cipher suites defined in the official specification of TLS 1.0 use notoriously weak algorithms. So, if I were a vicious hacker, I could fiddle with the current JXTA implementation to pretend that my SSLSocket connection only supports one of those weak cipher suites.
I would distribute my product based on my fiddled version of JXTA, let those using this version start some communication, and eavesdrop on those communications. They will be able to establish 'secured connections' with peers running the non-fiddled JXTA implementation, assuming that these implement the weak cipher suite too.
Since the cipher suite's algorithm can relatively easily be cracked, I can retrieve their secrets relatively easily, defeating the purpose of secured communication. This attack is a bit hard to achieve, but some hackers will manage to accomplish it.
I think that a simple check for TLS_NULL_WITH_NULL_NULL is not enough. If we set a list of 'good' cipher suites and checked against it when establishing TLS connections, this attack would automatically be defeated for those using the official implementation of JXTA.
Am I missing something?
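The allowlist check proposed above, as an added example written for this thread rather than code from JXTA: it restricts a JSSE SSLSocket to an allowlist before the handshake (so a peer that only offers weak suites gets no handshake at all) and re-checks the negotiated suite afterwards. The class and method names, the allowlist contents and the sample provider output are assumptions; the exact suite names a given JDK reports vary (older JSSE versions use an SSL_ prefix for some suites), so a real deployment would build the list from what its provider returns.

```java
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import javax.net.ssl.SSLSocket;

/**
 * Allowlist enforcement of TLS cipher suites on a JSSE SSLSocket.
 * Example written for this thread; it is not JXTA code. Class, method
 * names and the allowlist contents are assumptions: the suite names your
 * JDK actually reports may differ, so build the list from your provider.
 */
public final class StrongSuitePolicy {

    /** Sample allowlist of 'good' suites, in preference order (an assumption). */
    public static final Set<String> ALLOWED = Collections.unmodifiableSet(
        new LinkedHashSet<String>(Arrays.asList(
            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
            "TLS_RSA_WITH_AES_256_CBC_SHA",
            "TLS_RSA_WITH_AES_128_CBC_SHA")));

    private StrongSuitePolicy() {}

    /**
     * Intersect the suites the local provider supports with the allowlist,
     * keeping allowlist order. NULL, EXPORT and anonymous suites never make
     * it into the result because they are not on the list.
     */
    public static String[] selectEnabled(String[] supported) {
        Set<String> have = new LinkedHashSet<String>(Arrays.asList(supported));
        List<String> chosen = new ArrayList<String>();
        for (String s : ALLOWED) {
            if (have.contains(s)) {
                chosen.add(s);
            }
        }
        return chosen.toArray(new String[0]);
    }

    /**
     * Step 1, before the handshake: only ever offer (client) or accept
     * (server) allowlisted suites. If the provider supports none of them,
     * refuse rather than fall back to whatever the peer proposes.
     */
    public static void restrict(SSLSocket socket) throws IOException {
        String[] enabled = selectEnabled(socket.getSupportedCipherSuites());
        if (enabled.length == 0) {
            throw new IOException("no allowlisted cipher suite available locally");
        }
        socket.setEnabledCipherSuites(enabled);
    }

    /**
     * Step 2, after the handshake: check what was actually negotiated.
     * Redundant if step 1 ran, but it catches a misconfigured socket or a
     * provider that did not honour the enabled list.
     */
    public static String handshakeAndVerify(SSLSocket socket) throws IOException {
        socket.startHandshake();
        String negotiated = socket.getSession().getCipherSuite();
        if (!ALLOWED.contains(negotiated)) {
            socket.close();
            throw new IOException("refusing connection: negotiated " + negotiated);
        }
        return negotiated;
    }

    /** Offline helper: which of the peer's offered suites the local side would accept. */
    public static String[] commonSuites(String[] peerOffer, String[] localEnabled) {
        Set<String> local = new LinkedHashSet<String>(Arrays.asList(localEnabled));
        List<String> common = new ArrayList<String>();
        for (String s : peerOffer) {
            if (local.contains(s)) {
                common.add(s);
            }
        }
        return common.toArray(new String[0]);
    }

    public static void main(String[] args) {
        // Constructed sample of what a provider might report, not real JDK output.
        String[] supported = {
            "SSL_RSA_WITH_NULL_MD5",
            "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
            "SSL_DH_anon_WITH_RC4_128_MD5",
            "TLS_RSA_WITH_AES_128_CBC_SHA",
            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
        };
        String[] enabled = selectEnabled(supported);
        System.out.println("enabled locally: " + Arrays.toString(enabled));

        // A tampered peer pretending to support only weak suites.
        String[] tamperedOffer = {
            "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
            "SSL_RSA_WITH_NULL_MD5",
        };
        System.out.println("acceptable from tampered peer: "
            + Arrays.toString(commonSuites(tamperedOffer, enabled)));
        // An empty intersection means the handshake fails instead of downgrading.
    }
}
```

Both sides of a JXTA connection would call restrict() on their SSLSocket before handshakeAndVerify(); since the server picks from the client's offer, a non-fiddled peer with this policy never ends up on a weak suite no matter what a tampered peer advertises, and the post-handshake check is there only as a second line of defence.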