> The description of CVE-2015-3193 in 2015-12-04 security advisory > states that EC algorithms are not affected, but attacks against DH are > considered feasible. > Not being a cryptographer that leaves me a bit confused. > Are applications supporting cipher suites with ECDHE- variants vulnerable?
*No* EC algorithms are affected. Advisory refers to non-EC DH key exchange. So that answer to specific question is no. _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
