[openssl-users] openSSL and SLOTH attack

Jakob Bohm jb-openssl at wisemo.com
Fri Jan 8 00:25:29 UTC 2016

On 07/01/2016 23:06, jonetsu wrote:
> Does this mean that running 1.01e in FIPS mode is protected regarding this
> SLOTH attack ?
Does FIPS mode prevent use of MD5: Yes.

Does FIPS mode prevent insecure uses of SHA-1 (a FIPS
algorithm): No.

Does FIPS mode prevent the SSL/TLS handshake from using
96 bit truncated HMAC values: Probably not.

Does FIPS mode prevent use of the insecurely designed
'tls-unique' feature: Probably not.


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160108/2746d873/attachment.html>

More information about the openssl-users mailing list