----- Original Message -----
> From: "Dr. Stephen Henson" <[email protected]>
> To: [email protected]
> Sent: Friday, 28 March, 2014 3:55:28 PM
> Subject: Re: Insecure DEFAULT cipher set
>
> On Fri, Mar 28, 2014, Hubert Kario wrote:
>
> > Currently OpenSSL sorts ciphers according to key size first, then key exchange
> > and finally the mac used.
> >
> > This does not result in a list sorted by strength (as the documentation would
> > suggest). Ciphers using 3DES use a 168 bit key but because of the meet
> > in the middle attack, the effective cipher strength is 112 bit, see [NIST
> > SP800-57] and [ENISA] for details.
> >
>
> To address this I'd suggest we just change the security bits for 3DES
> ciphersuites to 112 bits in the SSL_CIPHER structure. The SSL_CIPHER structure
> has separate fields for key length and security bits.
Problem is that, while 3DES provides about 112 bits of security, RC4 with 128-bit keys is certainly weaker. So its security level should also be adjusted.

Why do you want to change just this? What are the reasons for not making the default cipher set secure?

-- 
Regards,
Hubert Kario
BaseOS QE Security team
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
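The ordering problem the thread argues about, as an added illustration that is not OpenSSL's code: a constructed cipher table carries both a nominal key length and an effective security-bits value, and the two sort orders are compared. The 3DES values (168/112) come from the thread; the RC4 security-bits value is a placeholder that only encodes "weaker than 3DES", and the kex/MAC rankings are assumed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Cipher:
    name: str
    key_bits: int       # nominal key length (what the old sort keyed on)
    security_bits: int  # effective strength after known attacks
    kex: str
    mac: str


# Constructed sample table. 168/112 for 3DES is from the thread; 96 for RC4
# is a placeholder meaning only "below 3DES", not a measured figure.
CIPHERS = [
    Cipher("AES128-SHA", 128, 128, "RSA", "SHA1"),
    Cipher("DES-CBC3-SHA", 168, 112, "RSA", "SHA1"),
    Cipher("RC4-SHA", 128, 96, "RSA", "SHA1"),
    Cipher("AES256-SHA", 256, 256, "RSA", "SHA1"),
    Cipher("ECDHE-RSA-AES128-SHA", 128, 128, "ECDHE", "SHA1"),
]

# Assumed tie-break preferences (lower rank sorts first).
KEX_RANK = {"ECDHE": 0, "DHE": 1, "RSA": 2}
MAC_RANK = {"SHA256": 0, "SHA1": 1, "MD5": 2}


def sort_by_key_size(ciphers):
    """The ordering the thread criticises: key length, then kex, then MAC."""
    return sorted(ciphers, key=lambda c: (-c.key_bits, KEX_RANK[c.kex], MAC_RANK[c.mac]))


def sort_by_security_bits(ciphers):
    """The proposed fix: rank on effective security bits instead of key length."""
    return sorted(ciphers, key=lambda c: (-c.security_bits, KEX_RANK[c.kex], MAC_RANK[c.mac]))


def strength_inversions(ciphers):
    """Audit check: pairs (earlier, later) where a later cipher is stronger
    than one placed before it, i.e. places where the list is not by strength."""
    return [(a.name, b.name)
            for i, a in enumerate(ciphers)
            for b in ciphers[i + 1:]
            if b.security_bits > a.security_bits]


def names(ciphers):
    return [c.name for c in ciphers]


if __name__ == "__main__":
    by_key = sort_by_key_size(CIPHERS)
    print("by key size:     ", names(by_key), strength_inversions(by_key))
    by_sec = sort_by_security_bits(CIPHERS)
    print("by security bits:", names(by_sec), strength_inversions(by_sec))
```

Sorted by key length, DES-CBC3-SHA lands above every 128-bit AES suite; sorted by security bits it drops below them and the inversion check comes back empty.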
