[openssl-dev] cipher order

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Thu Mar 3 16:33:17 UTC 2016

On 3/3/16, 11:30 , "openssl-dev on behalf of Hanno Böck"
<openssl-dev-bounces at openssl.org on behalf of hanno at hboeck.de> wrote:

>On Thu, 03 Mar 2016 16:18:57 +0000 Emilia Käsper <emilia at openssl.org>
>This is different from what I had in mind.
>I would argue that cbc/hmac is so fragile that it's always preferrable
>to have aead before cbc/hmac. The security difference between 128 and
>256 bit aes is imho mostly irrelevant in practice.

Again, +1

Perhaps David can do his magic again? :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4324 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160303/4f351b13/attachment-0001.bin>

More information about the openssl-dev mailing list