[openssl-dev] 3DES is a HIGH-strength cipher?
Richard Moore
richmoore44 at gmail.com
Fri Feb 12 20:05:17 UTC 2016
On 12 February 2016 at 18:59, Short, Todd <tshort at akamai.com> wrote:
> Hi,
>
> In OpenSSL 1.0.2, and 1.0.1i, 3DES-CBC’s bit-strength was changed from 168
> to 112, which makes sense. However, it is still considered a HIGH-strength
> cipher.
>
> RC4 is listed as having a bit strength of MEDIUM, and is a 128-bit
> strength cipher (kinda).
>
> This is a bit contradictory. According to the OpenSSL cipher
> documentation, HIGH refers to 128-bit, or stronger, ciphers.
>
> Should 3DES ciphers be moved to the MEDIUM category?
>
>
I tend to agree with moving it to the medium category, but not with the
reasoning. eg. We could have XOR with a 256 bit key and I still wouldn't
want it to be considered as High.
Rich.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160212/2c28ee51/attachment.html>
More information about the openssl-dev
mailing list