> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of Viktor Dukhovni
> Sent: Tuesday, 09 September, 2014 09:01
> To: openssl-users@openssl.org
> Subject: Re: Value of DEFAULT cipher suite
> 
> On Tue, Sep 09, 2014 at 08:42:36AM -0400, Salz, Rich wrote:
> 
> > > Moving RC4 to "LOW" is also premature.  It is already at the bottom of
> the
> > > medium cipherlist, that should be enough.
> >
> > I am planning on doing it for master, not 1.0.2  That means it
> > won't be in an official release until... what, at least six months.
> 
> Master has "security levels", which still need some work, but are
> a less crude mechanism for such tweaks.  Disabling RC4 at security
> level 2 or some such, is better than incompatibly reclassifying it
> as "LOW".  We can discuss the details later.

For what it's worth, I'm with Victor on this. RC4 as cipher of last resort in 
the default set is better than not having it there at all.

The work factor and conditions for the best attacks on RC4 (around 2**24 
largely-similar plaintexts, unless I've missed more-recent improvements, which 
is certainly possible) are potentially dangerous for some applications - 
particularly HTTPS against server clusters that will handle the load, where a 
client (generally a browser) can be tricked into making the requests (generally 
via malicious scripting). But for other applications it could be much more 
difficult, in practice, to mount the attack.

I think it's fair to say that RC4 is strictly weaker than the other medium 
ciphers (SEED and RC2), since the best published attacks against RC4 are 
definitely considerably more feasible than those against the other two. But as 
Victor said, it's better than plaintext; and it's still very widely used (often 
preferentially), so there's a decent chance that an OpenSSL-based application 
using the default suite list will encounter a peer that only supports RC4.

-- 
Michael Wojcik
Technology Specialist, Micro Focus




This message has been scanned for malware by Websense. www.websense.com
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to