By modern standards the M66’s SSL capabilities are severely limited and outdated:
- Only the 0x003D ciphersuite (TLS_RSA_WITH_AES_256_CBC_SHA256) is somewhat secure on the M66, but it has large wire overhead (up to 63 bytes depending on the payload length)
- The rest of the supported ciphersuites are all insecure:
  - the M66 supports only AES-CBC and RC4
  - CBC mode has been cryptographically broken for a long time and is prohibited in TLSv1.3 (note this is also true for ciphersuite 0x003D above)
  - RC4 is even worse as it can be cracked literally in minutes on a regular smartphone
- None of the supported ciphersuites provide forward secrecy
- No DTLS support at all (so encryption is only supported for TCP sockets, not for UDP)
- No TLSv1.3 support
Are there any plans to provide an updated firmware with better SSL functionality?
For a minimum-effort patch, at least support for TLS_RSA_WITH_AES_128_GCM_SHA256 should be added. This would still stay within the bounds of TLSv1.2, while getting rid of security issues with CBC and also significantly reducing the bandwidth overhead for small messages compared to TLS_RSA_WITH_AES_256_CBC_SHA256.
Optimally, support for TLSv1.3 should be added, which prohibits CBC and mandates forward secrecy, resulting in optimal security. DTLS support for UDP applications would also be welcome. Given that these features already exist for other Quectel modules, it might not be unrealistic to add them here too.
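
The per-record overhead comparison between the two ciphersuites named above, worked through as an added example (not part of the original post, and not Quectel code). It follows the TLS 1.2 record layouts of RFC 5246 (CBC) and RFC 5288 (GCM), assumes minimal CBC padding, and uses constructed payload sizes; the class and function names are illustrative.

```python
from dataclasses import dataclass

RECORD_HEADER = 5  # type(1) + version(2) + length(2), identical for both suites


@dataclass(frozen=True)
class Suite:
    name: str
    aead: bool
    explicit_iv: int  # bytes sent in the clear at the start of every record
    mac_or_tag: int   # HMAC-SHA256 length (CBC) or GCM tag length
    block: int = 16   # AES block size, only relevant for CBC padding


CBC_SHA256 = Suite("TLS_RSA_WITH_AES_256_CBC_SHA256", False, 16, 32)
GCM_SHA256 = Suite("TLS_RSA_WITH_AES_128_GCM_SHA256", True, 8, 16)


def overhead(suite: Suite, payload_len: int) -> int:
    """Bytes added to one record's payload, excluding the 5-byte header."""
    if not 0 <= payload_len <= 2**14:
        raise ValueError("TLS plaintext fragment must be 0..16384 bytes")
    if suite.aead:
        # GCM: 8-byte explicit nonce + 16-byte tag, independent of payload
        return suite.explicit_iv + suite.mac_or_tag
    # CBC: payload + MAC + padding + 1 padding_length byte must fill whole
    # blocks. Assumption: sender uses minimal padding (0..15 bytes).
    unpadded = payload_len + suite.mac_or_tag + 1
    padding = -unpadded % suite.block
    return suite.explicit_iv + suite.mac_or_tag + padding + 1


def wire_bytes(suite: Suite, payload_lens) -> int:
    """Total bytes on the wire when each payload is sent as its own record."""
    return sum(RECORD_HEADER + n + overhead(suite, n) for n in payload_lens)


def report(payload_lens):
    """(payload, CBC overhead, GCM overhead) rows for the given sizes."""
    return [(n, overhead(CBC_SHA256, n), overhead(GCM_SHA256, n))
            for n in payload_lens]


if __name__ == "__main__":
    sizes = [1, 15, 16, 20, 64, 100, 512]  # constructed sample payload sizes
    print(f"{'payload':>8} {'CBC-SHA256':>11} {'GCM':>5}")
    for n, cbc, gcm in report(sizes):
        print(f"{n:>8} {cbc:>11} {gcm:>5}")
    msgs = [20] * 100  # constructed: 100 small telemetry messages
    print("100 x 20-byte messages:",
          wire_bytes(CBC_SHA256, msgs), "bytes (CBC) vs",
          wire_bytes(GCM_SHA256, msgs), "bytes (GCM)")
```

The CBC figure counts the explicit IV, the MAC, the padding bytes and the one-byte padding length field; the GCM figure is constant because an AEAD record needs no padding.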