> The description of CVE-2015-3193 in 2015-12-04 security advisory
> states that EC algorithms are not affected, but attacks against DH are
> considered feasible.
> Not being a cryptographer that leaves me a bit confused.
> Are applications supporting cipher suites with ECDHE- variants vulnerable?

*No* EC algorithms are affected. Advisory refers to non-EC DH key
exchange. So that answer to specific question is no.


_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to