As part of our continuing work to ensure that Firefox provides secure and private network connections, it periodically becomes necessary to disable configurations or even entire protocols that were once thought to be secure, but no longer provide adequate protection. For example, last year, early versions of the Transport Layer Security (TLS) protocol were disabled by default.
One of the options that goes into configuring TLS is the choice of which encryption algorithms to enable. That is, which methods are available to use to encrypt and decrypt data when communicating with a web server?
Goodbye, 3DES
3DES (“triple DES”, an adaptation of DES (“Data Encryption Standard”)) was for many years a popular encryption algorithm. However, as attacks against it have become stronger, and as other more secure and efficient encryption algorithms have been standardized and are now widely supported, it has fallen out of use. Recent measurements indicate that Firefox encounters servers that choose to use 3DES about as often as servers that use deprecated versions of TLS.
As long as 3DES remains an option that Firefox provides, it poses a security and privacy risk. Because it is no longer necessary or prudent to use this encryption algorithm, it is disabled by default in Firefox 93.
Addressing Compatibility
As with disabling obsolete versions of TLS, deprecating 3DES may cause compatibility issues. We hypothesize that the remaining uses of 3DES correspond mostly to outdated devices that use old cryptography and cannot be upgraded. It may also be that some modern servers inexplicably (perhaps unintentionally) use 3DES when other more secure and efficient encryption algorithms are available. Disabling 3DES by default helps with the latter case, as it forces those servers to choose better algorithms. To account for the former situation, Firefox will allow 3DES to be used when deprecated versions of TLS have manually been enabled. This will protect connections by default by forbidding 3DES when it is unnecessary while allowing it to be used with obsolete servers if necessary.