[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: weak cipher in TLS?

first thanks for your answer. i understand, but i would have another question, or critics,
 which i could not find the answer yet.

WHY ist the lenght of the AES only 128 Bit, if it is possible to take 256 bit? 
are the exchange process easy?

 On Sun 22/11/09  5:42 AM , Roger Dingledine arma@xxxxxxx sent:
> On Sat, Nov 21, 2009 at 10:42:30PM +0100, moris blues wrote:
> > i red in the tor-spec, that: 
> > 
> > In "backwards-compatible
> renegotiation", the connection initiator's> ClientHello MUST include at least one
> ciphersuite other than those listed> above.
> > 
> > Does this mean that a different algorithm can be
> used that is not in the list?> Then it could theoretically unsafe Algo as DES
> are being used? 
> No, it means that a different algorithm (e.g. DES) could be *offered*.
> Generally in cipher negotiations, one side offers a wide variety of
> ciphers, and then the other either picks one it's comfortable with,
> or refuses to pick any of them.
> Correctly-behaving Tor clients (for example, the one we wrote) will
> onlyaccept ciphers with sufficient security properties.
> Responders MUST NOT select any TLS ciphersuite that lacks ephemeral
> keys,or whose symmetric keys are less then KEY_LEN bits, or whose digests
> areless than HASH_LEN bits.  Responders SHOULD NOT select any SSLv3
> ciphersuite other than those listed above.
> ("Those listed above" are basically DHE, RSA/DSS, AES/3DES, and
> SHA1.)
> --Roger
> ***********************************************************************
> To unsubscribe, send an e-mail to majo
> rdomo@xxxxxxxxxxxxxx withunsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
versendet mit www.oleco.de Mail - Anmeldung und Nutzung kostenlos!
Oleco www.netlcr.org - jetzt auch mit Spamschutz.
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/