[openssl-dev] Circumstances cause CBC often to be preferred over GCM modes

Hanno Böck hanno at hboeck.de
Tue Dec 16 03:23:24 UTC 2014


On Tue, 16 Dec 2014 03:09:53 +0000
Viktor Dukhovni <openssl-users at dukhovni.org> wrote:

> On Tue, Dec 16, 2014 at 02:18:40AM +0100, Hanno Böck wrote:
> 
> > Firefox and Chrome support authenticated encryption via TLS 1.2 and
> > GCM these days. However they have for some reason decided not to
> > support AES-256 but only AES-128.
> 
> In which case, they will never use AES-256, and yet:

No, you understood that wrong: They decided to not support AES-256 for
GCM. For CBC they support both 128/256.

> This is a cipherstring with great redundancy and a typo.  What you
> meant was:

The cipher string doesn't really matter, it happens with every setting
where you enable AES CBC/GCM ciphers in both 128/256 bit setting.

And yes, my initial mail was a bit confused (server chooses, not
client), still the result is the same: For very common settings it
happens that browsers choose CBC if GCM would be available (just
point Chrome to https://www.openssl.org to see it).

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno at hboeck.de
GPG: BBB51E42
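
The following is an added illustration, not part of the original message and not OpenSSL code: a small model of server-side cipher selection showing how a client that offers GCM only with AES-128 ends up on CBC. It assumes the server ranks its enabled suites by key size first; the suite lists are constructed, and the function names are hypothetical.

```python
# Constructed client offer modelled on the browsers described in the post:
# AES-GCM only with 128-bit keys, AES-CBC with both 128- and 256-bit keys.
CLIENT_OFFER = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-SHA",   # AES-256-CBC
    "ECDHE-RSA-AES128-SHA",   # AES-128-CBC
]

# Constructed server configuration: AES CBC and GCM enabled at 128 and 256 bits.
SERVER_ENABLED = [
    "ECDHE-RSA-AES128-SHA",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-SHA",
    "ECDHE-RSA-AES256-GCM-SHA384",
]


def key_bits(suite):
    return 256 if "AES256" in suite else 128


def is_aead(suite):
    return "-GCM-" in suite


def by_strength(suites):
    """Assumed server ordering: key size first, GCM only as a tie-breaker."""
    return sorted(suites, key=lambda s: (-key_bits(s), not is_aead(s)))


def aead_first(suites):
    """Alternative ordering: every GCM suite ranks above every CBC suite."""
    return sorted(suites, key=lambda s: (not is_aead(s), -key_bits(s)))


def negotiate(server_pref, client_offer):
    """Server chooses: first suite in its own order that the client offered."""
    for suite in server_pref:
        if suite in client_offer:
            return suite
    return None


if __name__ == "__main__":
    for order in (by_strength, aead_first):
        chosen = negotiate(order(SERVER_ENABLED), CLIENT_OFFER)
        print(f"{order.__name__:12} -> {chosen}")
```

With the strength-first ordering the only 256-bit suite both sides share is a CBC one, so it wins over the 128-bit GCM suite; ranking AEAD suites first selects GCM for the same client.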