Clemens Lang wrote in
 <e3810e68-25cc-456f-9dc4-a03752c43...@redhat.com>:
 |Hello Steffen,

Hallo.  (I presume.)

 |> On 7. Aug 2024, at 22:16, Steffen Nurpmeso <stef...@sdaoden.eu> wrote:
 |>
 |> Isn't that terribly rhetorical, and can kill sheeps indeed.
 |> To reiterate that SSL/TLS are standards, they had version
 |> iterations, which possibly got around some real protocol problem.
 |> These offer standardized sets of ciphersuites, some of those, of
 |> the elder versions, are "no longer secure".  (I am no
 |> cryptographer to tell whether they ever were completely so, or
 |> whether there are "mathematical tricks" to get away without brute
 |> force for them.  That aside.)  That is basically it.  But, as far
 |> as i understand it, even TLSv1 supported forward-secrecy stuff, ie
 |>
 |>   # openssl ciphers -v EECDH+AESGCM:EECDH+AES256:CHACHA20:!DHE
 |>
 |> gives two members, and except for the SHA-1 MAC this looks pretty
 |> modern.  But again: i am far from being an expert.
 |
 |TLS < 1.2 only supports a single signature algorithm, which uses
 |SHA1-MD5 as digest.
 |Only TLS >= 1.2 supports the signature_algorithms extension to
 |negotiate modern digests.
 |
 |MD-5 is fully broken. SHA-1 is questionable. Their combination may
 |withstand attacks a little bit longer, but probably not by much.
 |
 |The MAC is actually fine, since it's HMAC with SHA-1, which isn't as
 |affected by a SHA-1 collision attack [1].
 |
 | [1]: https://security.stackexchange.com/questions/187866/why-aren-t-collisions-important-with-hmac

Ok, here you got me.  I would have to (actually a little bit of
re-) read the entire TLS specification 1.1 (2246) in order to give
some useful answer.  Ie, whether the non-HMAC usage of MD5/SHA-1
in TLSv1.1 is used in a way that is truly problematic, or whether
they exist in data blocks that are protected by other means,
protected by the stream cipher or signed by a key that anyway has
to be verified via private/public key cryptography.
I never read 5246, just downloaded it an hour ago to read the
referenced appendix.  (Not a network expert etc.)

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
|
| Only during dog days:
| On the 81st anniversary of the Goebbel's Sportpalast speech
| von der Leyen gave an overlong hypocritical inauguration one.
| The brew's essence of our civilizing advancement seems to be:
| Total war - shortest war -> Permanent war - everlasting war
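
Added example, not part of the original message or of any TLS library: it shows where the two hash uses discussed above sit, namely the unkeyed MD5 || SHA-1 digest that a TLS 1.0/1.1 RSA ServerKeyExchange signature covers, the negotiable digest in TLS 1.2, and the keyed HMAC-SHA1 record MAC. All function names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import struct

def legacy_rsa_signed_digest(client_random, server_random, params):
    """TLS 1.0/1.1 RSA ServerKeyExchange: the signature covers a fixed
    MD5 || SHA-1 pair (36 bytes); nothing stronger can be negotiated."""
    data = client_random + server_random + params
    return hashlib.md5(data).digest() + hashlib.sha1(data).digest()

def tls12_signed_digest(client_random, server_random, params, hash_name="sha256"):
    """TLS 1.2: the digest is the one named in the negotiated
    signature_algorithms pair (hash_name stands in for that choice)."""
    data = client_random + server_random + params
    return hashlib.new(hash_name, data).digest()

def record_mac_sha1(mac_key, seq_num, content_type, version, fragment):
    """Record-layer MAC of a *-SHA ciphersuite: HMAC-SHA1, keyed with a
    secret from the key block, over seq_num, record header and payload."""
    header = struct.pack("!QBHH", seq_num, content_type, version, len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha1).digest()

# Constructed sample values, not taken from a real handshake.
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))
PARAMS = b"constructed-server-key-exchange-params"
MAC_KEY = b"k" * 20

if __name__ == "__main__":
    legacy = legacy_rsa_signed_digest(CLIENT_RANDOM, SERVER_RANDOM, PARAMS)
    modern = tls12_signed_digest(CLIENT_RANDOM, SERVER_RANDOM, PARAMS)
    mac = record_mac_sha1(MAC_KEY, 0, 23, 0x0302, b"application data")
    # Unkeyed digests: anyone can compute them, so collision resistance matters.
    print("TLS<1.2 signed digest:", len(legacy), "bytes (MD5 || SHA-1)")
    print("TLS 1.2 signed digest:", len(modern), "bytes (negotiated, here SHA-256)")
    # Keyed MAC: without MAC_KEY the tag cannot be computed at all.
    print("record MAC           :", len(mac), "bytes (HMAC-SHA1)")
```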