[openssl-users] How to increase the priority of some cipher ?

Jakob Bohm jb-openssl at wisemo.com
Tue Sep 26 20:53:07 UTC 2017

Obviously, the DH Ephemeral ciphersuites consist of a (sometimes
fast) DH step PLUS an RSA or ECDSA step to confirm the identity of
the server, while the slightly less secure RSA suites only do the
RSA step.  DH+ECDSA requires an ECDSA certificate, which won't
work for clients that require RSA suites.

On 26/09/2017 18:58, Benjamin Kaduk via openssl-users wrote:
> I am curious about this statement that "(EC)DHE cost much more 
> resources than RSA".  In particular, ECDHE is supposed to be less 
> computation-intensive than RSA for a given security level, so it would 
> be interesting to hear what your setup is where the reverse is 
> supposed to be observed.
> -Ben
> On 09/26/2017 03:44 AM, 李明 wrote:
>> just find it,
>>  server respect client's cipher preference  by default,
>>  it selects the suite preferred by client among the cipherlist that 
>> both the client and server support.
>>  so it's not enough to just increase RSA cipher priority on server 
>> side ,
>> SSL_OP_CIPHER_SERVER_PREFERENCE will make the server select the suite 
>> that itself most prefer among the cipherlist that both the client and 
>> server support.
>> 在 2017-09-26 15:15:10,"李明" <mid_li at 163.com> 写道:
>>     Hello,
>>        Currently, openssl prefer (EC)DHE handshakes over plain RSA,
>>     but (EC)DHE cost much more resouces than RSA.
>>        In order to get higher performance , I want to prioritize
>>     RSA related ciphers, does anyone knows how to do it.
>>        I have tried cipherlist "RSA:ALL:!COMPLEMENTOFDEFAULT:!eNULL"
>>     , it looks fine in openssl command line
>>     ./openssl ciphers -v 'RSA:ALL:!COMPLEMENTOFDEFAULT:!eNULL'
>>     AES256-GCM-SHA384      TLSv1.2 Kx=RSA      Au=RSA 
>>     Enc=AESGCM(256) Mac=AEAD
>>     AES128-GCM-SHA256      TLSv1.2 Kx=RSA      Au=RSA 
>>     Enc=AESGCM(128) Mac=AEAD
>>     AES256-SHA256          TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)
>>     Mac=SHA256
>>     AES128-SHA256          TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(128)
>>     Mac=SHA256
>>     AES256-SHA             SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)
>>     Mac=SHA1
>>     AES128-SHA             SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)
>>     Mac=SHA1
>>     Enc=AESGCM(256) Mac=AEAD
>>      but, after SSL_CTX_set_cipher_list(ctx,
>>     "RSA:ALL:!COMPLEMENTOFDEFAULT:!eNULL")  in my application, it
>>     didn't work, the first choice is still ECDHE-RSA-AES256-GCM-SHA384

Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list