[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Minimum required ciphers for running Tor as both client and router.



On Fri, Jul 13, 2012 at 8:14 AM, Gino Badouri <g.badouri@xxxxxxxxx> wrote:

Hi!

> From the OpenSSL documentation it seems that no-hw and no-engines leaves out
> support for hardware crypto engines so those are safe to set (our devices
> don't have them).
>
> Could anybody provide us with more "no-" options for ciphers we can skip?
> Thanks alot!

The absolutely required cryptographic primitives for Tor are AES,
SHA1, SHA256, DH, and RSA.  This may grow in the future.

Be aware though that being unable to negotiate certain ciphersuites
might make your devices more fingerprintable, since starting in
0.2.3.x Tor will no longer advertise openssl-supported ciphersuites
that it doesn't have.

-- 
Nick
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev