Re: [TLS] 3DES diediedie

2016-08-27 Thread Peter Gutmann
Tony Arcieri writes: >As someone who works professionally in the payments industry alongside people >who are directly implementing EMV protocols, let me note: those are not IETF >protocols and should not have bearing on IETF/IRTF decisions regarding >deprecations of protocols

Re: [TLS] 3DES diediedie

2016-08-26 Thread Hanno Böck
On Wed, 24 Aug 2016 19:08:02 -0700 Tony Arcieri wrote: > Should there be a 3DES "diediedie"? I think a 3des diediedie rfc would be a good idea. I was wondering yesterday whether I should disable 3des on my servers. I'd likely exclude a small portion of my visitors for a very

Re: [TLS] 3DES diediedie

2016-08-26 Thread Dmitry Belyavsky
Hello all, Regarding the discussion of the Sweet32 attack, it's worth mentioning that there is a specification of so-called key meshing for the Russian GOST cipher (which has a 64-bit block as well). Key meshing is a procedure of a predictable change of the current key after processing a certain

Re: [TLS] 3DES diediedie

2016-08-25 Thread Geoffrey Keating
Tony Arcieri writes: > This attack was published today[*]: > > https://sweet32.info/ > > I bring it up because I think the threat model is similar to the threats > that lead to RC4 "diediedie" > > https://www.rfc-editor.org/info/rfc7465 > > Should there be a 3DES

Re: [TLS] 3DES diediedie

2016-08-24 Thread Tony Arcieri
On Wed, Aug 24, 2016 at 8:28 PM, Peter Gutmann wrote: > Only if there's an actually issue. 3DES is still very widely supported > (particularly in financial systems and embedded) As someone who works professionally in the payments industry alongside people who are

Re: [TLS] 3DES diediedie

2016-08-24 Thread Peter Gutmann
Tony Arcieri writes: >Should there be a 3DES "diediedie"? Only if there's an actually issue. 3DES is still very widely supported (particularly in financial systems and embedded), and provides a useful backup to AES. An attack that recovers cookie if you can record 785GB of