-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 09/02/14 10:09, Peter Backes via RT wrote:
> SHA512 is not offered at all

To the best of my knowledge, there is no ciphersuite that uses SHA-512,
either in OpenSSL, or in the RFCs. OpenSSL cannot implement a ciphersuite
until identifiers for it have been assigned, it would hamper
interoperability with other cryptographic toolkits.

> for AES256; SHA384 is the maximum.

This is in line with the NSA Suite B specification. Also, SHA-384 is the
same algorithm as SHA-512, just with different starting constants, and
truncation to reduce its output length.

> Further, SHA1 appears in quite a lot of cipher suites. It has
> severe known weaknesses.

No it does not. To the best of my knowledge, no-one has demonstrated a
feasible second-preimage attack on SHA-1. However, its use is starting to
be discouraged now, for example in NIST SP800-131A, when used in a
signature scheme by itself. For example, SHA1withRSA in X.509
certificates, or SHA1 in PGP (you will note I am PGP-signing this message
with SHA256).

But more to the point, SHA-1 as used in ciphersuites is used in an HMAC
construction. Deficiencies or vulnerabilities that affect plain SHA-1 do
not affect HMAC-SHA-1. For this reason, even HMAC-MD5 is still *okay*
(although its use in new applications is discouraged).

> Yet, unreasonable cipher suites with SHA1, like
> ECDHE-ECDSA-AES128-SHA even have higher priority than reasonable
> ones like DHE-RSA-AES128-SHA256.

Applications are free to set their own order of ciphers with
SSL_CTX_set_cipher_list(3ssl). Also, servers are free to use their
preferred order of ciphersuites, rather than the first suite from the
client list that is mutually supported, by setting the
SSL_OP_CIPHER_SERVER_PREFERENCE option.

- -- 
Aaron Jones.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
