CVE-2019-1559 advisory - what is "non-stiched" ciphersuite means?
Marian Beermann
public at enkore.de
Wed Feb 27 09:26:47 UTC 2019
"Stitching" is an optimization where you have algorithm A (e.g. AES-CBC)
and algorithm B (e.g. HMAC-SHA2) working on the same data, and you
interleave the instructions of A and B. (This can improve performance by
increasing port and EU utilization relative to running A and B
sequentially).
I believe OpenSSL uses stitched implementations in TLS for AES-CBC +
HMAC-SHA1/2, if they exist for the platform.
Also note that "AEAD ciphersuites are not impacted", i.e. AES-GCM and
ChaPoly are not impacted.
Cheers, Marian
Am 27.02.19 um 03:56 schrieb M K Saravanan:
> Hi,
>
> In the context of https://www.openssl.org/news/secadv/20190226.txt
>
> ======
> In order for this to be exploitable "non-stitched" ciphersuites must be in use.
> ======
>
> what is "non-stitched" ciphersuites means?
>
> with regards,
> Saravanan
>
More information about the openssl-users
mailing list