[openssl-users] Authentication over ECDHE

Christian c.wehrmeyer at freshlions.de
Mon Dec 24 15:25:54 UTC 2018


> Your research has led you astray.  The ECDHE-RSA-AES128-GCM-SHA25
> ciphersuiteo *is* RSA authenticated and offers forward secrecy,

Then how would I load my static RSA keys into my SSL_CTX? Simply by 
using SSL_CTX_use_PrivateKey_file on client and server? As far as I 
understand the mechanism that would only enable encryption, but not 
decryption.

> they are both quite strong, use 128-bit to optimize for speed or
> 256-bit against hypothetical attacks on 128-bit AES that don't break
> AES-256.

Actually, I've been told that AES256 is weaker than AES128 in theory, 
and have been discouraged to use it.

> and you could use Ed25519 certificates and/or X25519 key exchange.

I said I'd like to avoid using any certificates. I don't see the point 
of them if I'm going to use static keys anyways. And certificates, from 
my limited understanding, only establish external trust anyways. I want 
direct trust.


More information about the openssl-users mailing list