[openssl-users] Dumb question about DES
Benjamin Kaduk
bkaduk at akamai.com
Thu May 11 19:10:18 UTC 2017
The triple-DES ciphers are not part of DEFAULT in 1.1.0e(what I happened
to check).
Though, the specific list of ciphers there does not quite match with
your list below, so you should double-check if necessary.
-Ben
On 05/11/2017 01:13 PM, Scott Neugroschl wrote:
>
> OK. Are the 3DES CBC ciphers still part of DEFAULT?
>
>
>
> *From:*openssl-users [mailto:openssl-users-bounces at openssl.org] *On
> Behalf Of *Benjamin Kaduk via openssl-users
> *Sent:* Thursday, May 11, 2017 9:18 AM
> *To:* openssl-users at openssl.org
> *Subject:* Re: [openssl-users] Dumb question about DES
>
>
>
> Those ciphers are triple-DES, not single-DES. (The "CBC3" gives it
> away ... well, not exactly.)
> The single-DES ciphers were removed in release 1.1.0 (they are
> included in the "40 and 56 bit cipher support removed from libssl"
> item in the release notes), though the raw crypto primitives remain in
> libcrypto.
>
> -Ben
>
> On 05/11/2017 11:07 AM, Scott Neugroschl wrote:
>
> Has DES been deprecated in OpenSSL? If so, what release? In
> particular the following ciphers
>
>
>
> 0.19 EDH-DSS-DES-CBC3-SHA
>
> 0.22 EDH-RSA-DES-CBC3-SHA
>
> 192.13 ECDH-RSA-DES-CBC3-SHA
>
> 192.3 ECDH-ECDSA-DES-CBC3-SHA
>
> 192.18 ECDHE-RSA-DES-CBC3-SHA
>
> 192.8 ECDHE-ECDSA-DES-CBC3-SHA
>
>
>
>
>
>
>
> ---
>
> Scott Neugroschl | XYPRO Technology Corporation
>
> 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone
> 805 583-2874|Fax 805 583-0124 |
>
>
>
>
>
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170511/8727d562/attachment.html>
More information about the openssl-users
mailing list