[openssl-users] Lattice Ciphers

Alan Buxey alan.buxey at gmail.com
Mon Dec 18 17:12:09 UTC 2017


Have you submitted a bug report for Apache (not honouring server config
cipher order) if one doesn't exist?

As for resistance to quantum computers, given the current aim is for systems
that can calculate things that would currently take the age of the universe
to calculate, resistance is futile ;)

alan

On 18 Dec 2017 4:47 pm, "Colony.three via openssl-users" <
openssl-users at openssl.org> wrote:

>
>
>    - FF claims it does DHE/EDH
>    <https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29>,
>    but it does not actually, in practice.  It does either EC, or RSA.  I've
>    tested it. (v52)  This does not look like an accident.
>
>  Have you found a server that does DHE/EDH, and only that, that FF cannot
> connect to?
>
>
> I've set mine to test this comprehensively. (Apache and NginX)  With
> Apache Firefox -ignores- server-prescribed ciphers and chooses an EC.
> NginX does properly prevail with the algo.  Was this an accident, Apache?
>
> And Firefox simply can not make a connexion when the only choices are the
> DHE/EDH algos -- which they say they can do here
> <https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29>
> .
>
>
>
>    - "*Prefer conventional discrete-log-based systems over elliptic-curve
>    systems; the latter have constants that the NSA influences when they can.*"
>
> I missed that, thanks.  And for non-NSA curves that aren’t influenced?
>
>
> As with Schneier, I don't trust any EC.  It's a shame.  I am looking
> forward to independent lattice
> <https://policyreview.info/articles/news/post-snowden-cryptography-and-network-security/390>.
> (Not that Mozilla will implement it)  For now I'm set to DHE/EDH
> (fruitlessly) and RSA (AES).  RSA is cracked by a very few, but this is the
> decision I've made.
>
>