[Ach] Review

Philipp Gühring pg at futureware.at
Fri Nov 15 20:24:58 CET 2013


> Wow. A lot of useful stuff in here! Thank you very much! BTW: this list
> is in English (since there are a lot of non-German-speaking people on
> it)

Yes, sorry, I had written everything before I joined the list and saw that
it had already switched to English.

> not sure about SRP and NTRU (can anyone supply proper information and
> practical knowledge on those?) - looks fine to me besides that.

SRP is a zero-knowledge secure password authentication. The connection is
only established successfully if both parties know the password, without
leaking any information about the password. From my point of view, this
would be the optimal cipher suite for websites with password
authentication, perhaps even IMAPS/POP3S.

NTRU is a quantum-cryptanalysis-safe algorithm that can be used for
public-key encryption, but unfortunately not for signatures.

> > On chapter 7.1.1:
> > I am surprised that for ECDHE-RSA-AES256-GCM-SHA384 the hash is listed
> > as AEAD. Since SHA384 is in the cipher-suite name, I would have
> > expected SHA384 to be used as the hash as well.
> > The message authentication, on the other hand, is done by GCM with
> > AEAD instead of SHA384, so perhaps MAC would be a better heading than
> > Hash?
> GCM basically removes the need for an additional hash function to do
> message authentication. 

Yes, so why is SHA384 in the cipher-suite name, and not simply AEAD?
Is SHA384 actually used?

Best regards,
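The SRP exchange sketched above, as an added example that is not part of this message or of the Applied Crypto Hardening document: a self-contained Python implementation of SRP-6a in the style of RFC 5054, running the client and the server side in one process so that both conclusions can be compared. The group is the 1024-bit one from RFC 5054 Appendix A (choose a larger group for anything real); SHA-256 replaces the SHA-1 that RFC 5054 specifies for TLS-SRP, the proof messages M1/M2 use the simplified H(A | B | K) form, and the user name, password and 16-byte salt are constructed test data. The function names (`enroll`, `srp_exchange`, `private_x`) are mine. The server stores only the salt and the verifier; a wrong password on the client side yields different session keys and a rejected proof, and the password itself never crosses the wire.

```python
"""SRP-6a password-authenticated key exchange (RFC 5054 style), both sides."""
import hashlib
import hmac
import secrets

# 1024-bit group from RFC 5054 Appendix A; pick a larger group for real use.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3",
    16,
)
G = 2
N_LEN = (N.bit_length() + 7) // 8


def hash_bytes(*parts: bytes) -> bytes:
    # SHA-256 here; RFC 5054 specifies SHA-1 for TLS-SRP.
    return hashlib.sha256(b"".join(parts)).digest()


def hash_int(*parts: bytes) -> int:
    return int.from_bytes(hash_bytes(*parts), "big")


def pad(x: int) -> bytes:
    """Left-pad to the byte length of N, as RFC 5054 requires for k and u."""
    return x.to_bytes(N_LEN, "big")


K_MULT = hash_int(pad(N), pad(G))  # k = H(N | PAD(g))


def private_x(salt: bytes, username: str, password: str) -> int:
    """x = H(s | H(I ":" P)); exists only transiently on the client."""
    return hash_int(salt, hash_bytes(f"{username}:{password}".encode()))


def enroll(username: str, password: str, salt: bytes = b""):
    """Registration: the server stores (salt, verifier), never the password."""
    salt = salt or secrets.token_bytes(16)  # constructed 16-byte salt if none given
    return salt, pow(G, private_x(salt, username, password), N)


def srp_exchange(username: str, password_attempt: str, salt: bytes, verifier: int) -> dict:
    """Run client and server in one process and report what each side concludes."""
    wire = []  # everything that actually crosses the network

    # Client -> Server: identity and ephemeral A = g^a
    a = secrets.randbelow(N - 2) + 1
    A = pow(G, a, N)
    wire.append(("C->S", username, A))
    if A % N == 0:  # RFC 5054 section 2.5.4: server must abort
        raise ValueError("server: illegal client value A")

    # Server -> Client: salt and B = k*v + g^b (v is the stored verifier)
    b = secrets.randbelow(N - 2) + 1
    B = (K_MULT * verifier + pow(G, b, N)) % N
    wire.append(("S->C", salt, B))
    if B % N == 0:  # client must abort likewise
        raise ValueError("client: illegal server value B")

    u = hash_int(pad(A), pad(B))  # scrambling parameter, identical on both sides
    if u == 0:
        raise ValueError("u == 0, abort")

    # Client: S = (B - k*g^x)^(a + u*x) mod N; needs x, i.e. the password
    x = private_x(salt, username, password_attempt)
    s_client = pow((B - K_MULT * pow(G, x, N)) % N, a + u * x, N)
    key_client = hash_bytes(pad(s_client))
    m1 = hash_bytes(pad(A), pad(B), key_client)  # client's proof of the key
    wire.append(("C->S", m1))

    # Server: S = (A * v^u)^b mod N; needs only the verifier, never the password
    s_server = pow((A * pow(verifier, u, N)) % N, b, N)
    key_server = hash_bytes(pad(s_server))
    server_accepts = hmac.compare_digest(m1, hash_bytes(pad(A), pad(B), key_server))
    m2 = hash_bytes(pad(A), m1, key_server) if server_accepts else b""
    wire.append(("S->C", m2))  # empty M2 models the server refusing to answer
    client_accepts = hmac.compare_digest(m2, hash_bytes(pad(A), m1, key_client))

    return {"key_client": key_client, "key_server": key_server,
            "server_accepts": server_accepts, "client_accepts": client_accepts,
            "wire": wire}


if __name__ == "__main__":
    salt, v = enroll("alice", "correct horse battery staple")
    ok = srp_exchange("alice", "correct horse battery staple", salt, v)
    bad = srp_exchange("alice", "wrong password", salt, v)
    print("good password: server", ok["server_accepts"], "client", ok["client_accepts"])
    print("bad password:  server", bad["server_accepts"], "client", bad["client_accepts"])
```

Both sides end up with the same key only when the client's x matches the verifier the server holds; with a wrong password the two S values differ, the server rejects M1, withholds M2, and the client rejects in turn. Nothing on the `wire` list is derived from the password alone without a fresh random exponent, which is the property the message above refers to.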
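On the question of whether SHA384 is used at all in ECDHE-RSA-AES256-GCM-SHA384, the following is an added example, not part of this message or of the Applied Crypto Hardening document, showing where it appears in TLS 1.2: not for record authentication, which GCM provides, but as the hash inside the TLS PRF that turns the premaster secret into the master secret and key block, and as the hash of the handshake transcript in the Finished message (RFC 5246 sections 5, 6.3 and 7.4.9; RFC 5289 section 3.2 requires SHA-384 as the PRF hash for this suite). The premaster secret, the two 32-byte randoms and the handshake transcript are constructed placeholder bytes, and the function names are mine.

```python
"""TLS 1.2 key derivation for ECDHE-RSA-AES256-GCM-SHA384: the SHA-384 is the PRF hash."""
import hashlib
import hmac

PRF_HASH = "sha384"  # RFC 5289 3.2: this suite MUST use SHA-384 in the PRF


def p_hash(hash_name: str, secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash from RFC 5246 section 5: HMAC chained over A(i) = HMAC(secret, A(i-1))."""
    out, a = b"", seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int,
              hash_name: str = PRF_HASH) -> bytes:
    """PRF(secret, label, seed) = P_hash(secret, label + seed)."""
    return p_hash(hash_name, secret, label + seed, length)


def derive_keys(pre_master: bytes, client_random: bytes, server_random: bytes,
                hash_name: str = PRF_HASH) -> dict:
    """Master secret and key block as in RFC 5246 sections 8.1 and 6.3."""
    master = tls12_prf(pre_master, b"master secret",
                       client_random + server_random, 48, hash_name)
    # key_block for an AEAD suite has no MAC keys at all; AES-256 needs two
    # 32-byte write keys and GCM two 4-byte implicit nonce parts (RFC 5288 3).
    kb = tls12_prf(master, b"key expansion",
                   server_random + client_random, 72, hash_name)
    return {
        "master_secret": master,
        "client_write_key": kb[0:32],
        "server_write_key": kb[32:64],
        "client_write_iv": kb[64:68],
        "server_write_iv": kb[68:72],
    }


def finished_verify_data(master: bytes, handshake_messages: bytes, from_client: bool,
                         hash_name: str = PRF_HASH) -> bytes:
    """verify_data = PRF(master, label, Hash(handshake_messages))[0:12]; Hash is the PRF hash."""
    label = b"client finished" if from_client else b"server finished"
    transcript = hashlib.new(hash_name, handshake_messages).digest()
    return tls12_prf(master, label, transcript, 12, hash_name)


# Constructed placeholder inputs, not a captured handshake: the ECDHE premaster
# would be the shared-point x-coordinate, the randoms come from the two Hellos.
PRE_MASTER = bytes(range(32))
CLIENT_RANDOM = b"\x11" * 32
SERVER_RANDOM = b"\x22" * 32
TRANSCRIPT = b"ClientHello...ServerHello...Certificate...ServerKeyExchange..."

if __name__ == "__main__":
    keys = derive_keys(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM)
    for name, val in keys.items():
        print(f"{name:17} {len(val):2} bytes  {val.hex()}")
    print("client Finished:", finished_verify_data(keys["master_secret"], TRANSCRIPT, True).hex())
```

Swapping the `hash_name` argument to `"sha256"` changes every derived key, which is exactly why the suite name has to carry the hash even though no HMAC-SHA384 is ever applied to a record; the record integrity comes from the GCM tag computed under the AES-256 write key.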
