On 06.09.2013 18:20, Peter Saint-Andre wrote:

On 9/6/13 8:36 AM, Perry E. Metzger wrote:
One solution, preventing passive attacks, is for major
browsers and websites to switch to using PFS ciphersuites (i.e.
those based on ephemeral Diffie-Hellman key exchange).

It occurred to me yesterday that this seems like something all
major service providers should be doing. I'm sure that some voices
will say additional delay harms user experience. Such voices should
be ruthlessly ignored.


In practice, how do we make that happen? On the XMPP network we're
pushing to make sure that all client-to-server and server-to-server
hops are encrypted (yes, I know, per-hop encryption is not enough, we
need end-to-end encryption too). Is there a handy list of PFS-friendly
ciphersuites that I can communicate to XMPP developers and admins so
they can start upgrading their software and deployments?



Yet one can find this sort of thing in 3rd position when searching "nginx crypto":


Quote:

The developers of Nginx have recently changed the default SSL ciphers to include the very strong Diffie-Hellman Ephemeral (DHE) cipher. DHE is used to provide perfect forward secrecy in TLS.

Further reading on Ephemeral Diffie-Hellman, PFS and TLS at Wikipedia.org

While I applaud this move on the part of the Nginx dev team there is a tradeoff and that is slower performance. DHE provides stronger encryption which in turn requires more computation but here’s where it gets interesting. To meet today’s PCI DSS crypto standards DHE is not required. Like many things in life there’s a balance to be struck between the risk of compromised encryption and the additional expense or rather the relative loss of connections per second. I’m not a lawyer nor should this be considered legal advice but I prefer things that go fast while meeting the necessary PCI compliance criteria.

In order to disable DHE in the server context of the Nginx configuration add the following line:

ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH;
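
Added example, not part of the original message or of the quoted blog post: one way to check which suites in a cipher list offer forward secrecy is to read the Kx= column of `openssl ciphers -v` output. The sample listing is constructed, and the function names are hypothetical.

```python
import re
import sys

# Kx values that `openssl ciphers -v` prints for an ephemeral key exchange.
# Static variants print as "DH/RSA" or "ECDH/RSA" and are not forward secret;
# TLS 1.3 suites print "any" and always use an ephemeral exchange.
EPHEMERAL_KX = {"DH", "ECDH", "any"}

# Constructed sample in the layout of `openssl ciphers -v` output.
SAMPLE = """\
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-SHA          SSLv3   Kx=DH       Au=RSA  Enc=AES(256)    Mac=SHA1
ECDH-RSA-AES256-SHA         SSLv3   Kx=ECDH/RSA Au=ECDH Enc=AES(256)    Mac=SHA1
AES256-SHA                  SSLv3   Kx=RSA      Au=RSA  Enc=AES(256)    Mac=SHA1
RC4-SHA                     SSLv3   Kx=RSA      Au=RSA  Enc=RC4(128)    Mac=SHA1
"""

def parse(listing):
    """Yield (suite_name, kx) for each listing line that carries a Kx= field."""
    for line in listing.splitlines():
        m = re.match(r"\s*(\S+)\s+\S+\s+Kx=(\S+)", line)
        if m:
            yield m.group(1), m.group(2)

def split_by_forward_secrecy(listing):
    """Return (forward_secret, not_forward_secret) suite names, in listing order."""
    fs, non_fs = [], []
    for suite, kx in parse(listing):
        (fs if kx in EPHEMERAL_KX else non_fs).append(suite)
    return fs, non_fs

def main():
    # Read real `openssl ciphers -v` output from a pipe, else use the sample.
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    fs, non_fs = split_by_forward_secrecy(text)
    print("forward secret:", *fs, sep="\n  ")
    print("not forward secret:", *non_fs, sep="\n  ")
    return 0 if fs else 1  # non-zero exit when no forward-secret suite remains

if __name__ == "__main__":
    sys.exit(main())
```

To audit a real configuration, pipe the output of `openssl ciphers -v '<cipher string>'` for the string in question into the script; the result depends on the local OpenSSL build.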

The cryptography mailing list
