[openssl-users] Dumb question about DES
Jakob Bohm
jb-openssl at wisemo.com
Fri May 12 05:43:06 UTC 2017
(keeping TOFU style to keep thread consistent).
You can also just use the cipher-list configuration option string
that an OpenSSL 1.0.x should allow passing to OpenSSL.
On 11/05/2017 22:17, Scott Neugroschl wrote:
>
> So if I’m using 1.0.2, and want to deprecate 3DES, I need to do that
> as part of my build?
>
> *From:*openssl-users [mailto:openssl-users-bounces at openssl.org] *On
> Behalf Of *Scott Neugroschl
> *Sent:* Thursday, May 11, 2017 11:13 AM
> *To:* openssl-users at openssl.org
> *Subject:* Re: [openssl-users] Dumb question about DES
>
> OK. Are the 3DES CBC ciphers still part of DEFAULT?
>
> *From:*openssl-users [mailto:openssl-users-bounces at openssl.org] *On
> Behalf Of *Benjamin Kaduk via openssl-users
> *Sent:* Thursday, May 11, 2017 9:18 AM
> *To:* openssl-users at openssl.org <mailto:openssl-users at openssl.org>
> *Subject:* Re: [openssl-users] Dumb question about DES
>
> Those ciphers are triple-DES, not single-DES. (The "CBC3" gives it
> away ... well, not exactly.)
> The single-DES ciphers were removed in release 1.1.0 (they are
> included in the "40 and 56 bit cipher support removed from libssl"
> item in the release notes), though the raw crypto primitives remain in
> libcrypto.
>
> -Ben
>
> On 05/11/2017 11:07 AM, Scott Neugroschl wrote:
>
> Has DES been deprecated in OpenSSL? If so, what release? In
> particular the following ciphers
>
> 0.19 EDH-DSS-DES-CBC3-SHA
>
> 0.22 EDH-RSA-DES-CBC3-SHA
>
> 192.13 ECDH-RSA-DES-CBC3-SHA
>
> 192.3 ECDH-ECDSA-DES-CBC3-SHA
>
> 192.18 ECDHE-RSA-DES-CBC3-SHA
>
> 192.8 ECDHE-ECDSA-DES-CBC3-SHA
>
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the openssl-users
mailing list