[EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option
tmraz at redhat.com
Tue Sep 8 17:57:10 UTC 2020
On Tue, 2020-09-08 at 17:39 +0000, Yury Mazin via openssl-users wrote:
> I have a question based on the response provided to me:
> My question is why following openssl commands (version 1.1.1f)
> return those TLSv1.3 ciphers as offering no authentication and no
What do you mean by no authentication and no encryption? The encryption
is provided as you can see with the Enc=.... value. And authentication
is provided as well because Au=any applies here, meaning any
authentication method available in the TLS 1.3 protocol.
As was explained before, the cipher string does not apply to TLS 1.3
ciphersuites, so it does not matter whether you put NULL, eNULL, aNULL or
anything else as the last parameter of the ciphers command.
> From: openssl-users <openssl-users-bounces at openssl.org> on behalf of
> Viktor Dukhovni <openssl-users at dukhovni.org>
> Sent: Friday, September 4, 2020 12:10 PM
> To: openssl-users at openssl.org <openssl-users at openssl.org>
> Subject: Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl
> -cipher aNULL option
> On Fri, Sep 04, 2020 at 07:00:01PM +0000, Yury Mazin via openssl-
> users wrote:
> > Thank you Benjamin,
> > According to OpenSSL , aNULL stands for no-authentication.
> Specifically, SSL 3.0 through TLS 1.2 ciphers in which the server and
> client exchange no certificates, and the TLS handshake consists
> of an unsigned anonymous ephemeral DH or ECDH key exchange.
> TLS 1.3 dropped support for anonymous DH and ECDH. Server
> are *required. And the all-in-one ciphersuites of TLS <= 1.2 are
> replaced with separately negotiated components. As a result of
> in OpenSSL 1.1.1 and later, they are controlled via a different set
> APIs and command-line options.
> Specifically, in your case, the "-ciphers aNULL" option only applies
> to TLS <= 1.2
> > Does it mean that all 3 default protocols of TLS 1.3 offer no
> > authentication
> No. None of them "support no authentication" (which is not even
> true, it is the protocol that does not support "no authentication",
> the TLS 1.3 ciphers are simply silent re certificate algorithm
> but the "-cipher aNULL" is simply not used when TLS 1.3 is
> so your question makes incorrect assumptions to reach its
No matter how far down the wrong road you've gone, turn back.
[You'll know whether the road is wrong if you carefully listen to your
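The point both replies make, that `Au=None` on a TLS <= 1.2 suite means anonymous (unauthenticated) DH/ECDH while `Au=any` on a TLS 1.3 suite only means the authentication method is negotiated separately and the cipher string is not consulted, is easy to check against `openssl ciphers -v` output. The following Python is an added example, not code from the thread or from OpenSSL: it parses the `-v` line format, separates the TLS 1.3 suites (governed by `-ciphersuites` / `SSL_CTX_set_ciphersuites`, not by the cipher string) from the genuinely anonymous TLS <= 1.2 suites, and can run the real binary when one is on PATH. The sample output lines are constructed to match the OpenSSL 1.1.1 format, and the `openssl ciphers -ciphersuites` invocation is the one documented for 1.1.1.

```python
import re
import shutil
import subprocess
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample shaped like `openssl ciphers -v 'aNULL'` output from
# OpenSSL 1.1.1 (assumption for this example, not a capture from the thread).
SAMPLE_CIPHERS_V = """\
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
ADH-AES256-GCM-SHA384   TLSv1.2 Kx=DH       Au=None Enc=AESGCM(256) Mac=AEAD
AECDH-AES256-SHA        SSLv3   Kx=ECDH     Au=None Enc=AES(256)  Mac=SHA1
"""

# One `openssl ciphers -v` line: name, protocol, then Kx=/Au=/Enc=/Mac= fields.
LINE_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<proto>\S+)\s+Kx=(?P<kx>\S+)\s+Au=(?P<au>\S+)"
    r"\s+Enc=(?P<enc>\S+)\s+Mac=(?P<mac>\S+)"
)


@dataclass
class Suite:
    name: str
    proto: str
    kx: str
    au: str
    enc: str
    mac: str

    @property
    def is_tls13(self) -> bool:
        """TLS 1.3 suites are selected by -ciphersuites, never by the cipher string."""
        return self.proto == "TLSv1.3"

    @property
    def anonymous(self) -> bool:
        """Au=None marks the unsigned anonymous DH/ECDH handshakes of TLS <= 1.2.
        Au=any (TLS 1.3) is not anonymity: authentication is negotiated separately."""
        return self.au == "None"


def parse_ciphers_v(text: str) -> List[Suite]:
    """Parse `openssl ciphers -v` output; lines that do not match are skipped."""
    suites = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            suites.append(Suite(**m.groupdict()))
    return suites


def anonymous_suites(suites: List[Suite]) -> List[str]:
    """Names of suites that really offer no authentication (TLS <= 1.2 aNULL)."""
    return [s.name for s in suites if s.anonymous]


def tls13_suites(suites: List[Suite]) -> List[str]:
    """Names of TLS 1.3 suites that appear regardless of the cipher string given."""
    return [s.name for s in suites if s.is_tls13]


def live_ciphers_v(cipher_string: str,
                   ciphersuites: Optional[str] = None) -> Optional[str]:
    """Run the real `openssl ciphers -v [-ciphersuites ...] <cipher_string>`.
    Returns None when no openssl binary is on PATH or the command fails."""
    exe = shutil.which("openssl")
    if exe is None:
        return None
    cmd = [exe, "ciphers", "-v"]
    if ciphersuites is not None:
        cmd += ["-ciphersuites", ciphersuites]  # the TLS 1.3 control knob
    cmd.append(cipher_string)                   # the TLS <= 1.2 control knob
    result = subprocess.run(cmd, capture_output=True, text=True, check=False)
    return result.stdout if result.returncode == 0 else None


if __name__ == "__main__":
    text = live_ciphers_v("aNULL") or SAMPLE_CIPHERS_V
    suites = parse_ciphers_v(text)
    print("TLS 1.3 suites (unaffected by 'aNULL'):", tls13_suites(suites))
    print("Truly anonymous TLS <= 1.2 suites     :", anonymous_suites(suites))
```

Running it with a real OpenSSL 1.1.1 shows the same three TLS 1.3 suites listed whether the cipher string is `aNULL`, `eNULL` or anything else, while only the `Au=None` entries change; to restrict the TLS 1.3 side you pass `-ciphersuites` (or call `SSL_CTX_set_ciphersuites` in code), which is the separate control the replies refer to.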