> From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > us...@openssl.org] On Behalf Of Viktor Dukhovni > Sent: Tuesday, 09 September, 2014 09:01 > To: openssl-users@openssl.org > Subject: Re: Value of DEFAULT cipher suite > > On Tue, Sep 09, 2014 at 08:42:36AM -0400, Salz, Rich wrote: > > > > Moving RC4 to "LOW" is also premature. It is already at the bottom of > the > > > medium cipherlist, that should be enough. > > > > I am planning on doing it for master, not 1.0.2 That means it > > won't be in an official release until... what, at least six months. > > Master has "security levels", which still need some work, but are > a less crude mechanism for such tweaks. Disabling RC4 at security > level 2 or some such, is better than incompatibly reclassifying it > as "LOW". We can discuss the details later.
For what it's worth, I'm with Victor on this. RC4 as cipher of last resort in the default set is better than not having it there at all. The work factor and conditions for the best attacks on RC4 (around 2**24 largely-similar plaintexts, unless I've missed more-recent improvements, which is certainly possible) are potentially dangerous for some applications - particularly HTTPS against server clusters that will handle the load, where a client (generally a browser) can be tricked into making the requests (generally via malicious scripting). But for other applications it could be much more difficult, in practice, to mount the attack. I think it's fair to say that RC4 is strictly weaker than the other medium ciphers (SEED and RC2), since the best published attacks against RC4 are definitely considerably more feasible than those against the other two. But as Victor said, it's better than plaintext; and it's still very widely used (often preferentially), so there's a decent chance that an OpenSSL-based application using the default suite list will encounter a peer that only supports RC4. -- Michael Wojcik Technology Specialist, Micro Focus This message has been scanned for malware by Websense. www.websense.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org