----- Original Message ----- > From: "Benny Baumann" <be...@geshi.org> > To: openssl-dev@openssl.org > Sent: Friday, July 4, 2014 10:28:07 AM > Subject: Re: [PATCH] LibReSSL/OpenSSL: Adjust/remove keysize restrictions > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Am 03.07.2014 14:08, schrieb Hubert Kario: > > > > I won't even mention the whole issue of actually configuring TLS > > for more than 128 bit security... > > > The most difficult thing in getting the configuration above 128 bit > was less to generate appropriate key material, but to figure out in > which ways the cipher suite setup API breaks - having GnuTLS less > broken in this regard than OpenSSL. > > (Valid for recent versions of GnuTLS) > SECURE256:-CIPHER-ALL:+COMP-DEFLATE:-MAC-ALL:!MD5:!ANON-DH:-3DES-CBC:-CAMELLIA-256-CBC:!CAMELLIA-128-CBC:-AES-256-CBC:!AES-128-CBC:+VERS-TLS1.2:+VERS-TLS1.1:+AEAD:+SHA512:+SHA384:+SHA256:+AES-256-GCM:+SHA1:+VERS-TLS1.0:-DHE-RSA:-RSA:+DHE-RSA:+DHE-DSS:+RSA:+SRP:+CAMELLIA-256-CBC:+AES-256-CBC:-VERS-SSL3.0:%SERVER_PRECEDENCE > > Not to mention that SECURE_256_ still contains 192 bit ciphers.
sorry, but with TLS 1.0 security level of 192 bit or higher is impossible, please read the RFCs to understand why. Used cipher suites is just one step in at least 5 step process and it's actually one of the simplest. in short: You are ramping just two or three dials up to 11 in a system in which _all_ the elements need to be above your target level of security. Giving the option to set them to 11 makes other users vulnerable to DoS attacks. This makes the change really questionable. -- Regards, Hubert Kario Quality Engineer, QE BaseOS Security team Email: hka...@redhat.com Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
