Re: ssl3_choose_cipher

Thu, 23 Dec 1999 06:04:02 -0800 

Matthias Loepfe wrote:
> 
> Hi again,
> 
> Does really NOBODY has anything to say about the following? Shouldn't the server
> try to always choose the best available cipher?
> 
> regards
> 
> Matthias
> 
> Matthias Loepfe wrote:
> >
> > Hi
> >
> > I have fundamental question regarding choosing the chipher in SSL. The spec
> > says that the client send the accepted ciphers in the order of preference, and
> > that the server chooses then the cipher to use.
> >
> > In the current implementation of ssl3_choose_cipher() it is realy the client's
> > preference which will be take to choose from the common ciphers.
> >
> > But I know many companies which would like to be able to set the preference
> > on the server side.
> >
> > Because of the current behaviour the 'RC4-MD5' will be choosen before
> > 'DES-CBC3-SHA' which I think is not correct.
> >
> > Now the questions: 1) Is (from the spec point of view) the server side allowed
> >                       to choose according to his own preferences?
> >                    2) Why should the server not enforce his own preference?
> >

As you point out the SSL 3 spec says the client gives a list of ciphers
in order of preference and then says the server has to decide which to
use. 

I can't see any specific reason why the server can't enforce its own
preference but currently this can only be done AFAIK by disabling the
ciphers altogether and risking a handshake failure.

RC4 is often chosen over 3DES for speed reasons.

In terms of strength it depends on the interpretation: with sufficient
resources 3DES has an effective key size of 112 bits (due to the meet in
the middle attack) whereas RC4 is a maximum of 128.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to