[Ach] LaTeX: Tables
Tobias Millauer | fhstp - IT Security
is131015 at fhstp.ac.at
Mon Nov 18 16:26:44 CET 2013
Good afternoon,
I've attached the git diff of the current snapshot (today, 13:14:16).
Could you test it? - I did not compile it.
Tobias
Am 17.11.2013 13:51, schrieb Tobias Dussa (SCC):
> Hi,
>
> On Sun, Nov 17, 2013 at 01:37:16PM +0100, Tobias Millauer wrote:
>> The tables are really difficult to read. We should consider making
>> the tables more suitable for human eyes.
>> Here is an example tutorial:
>> https://www.unix-ag.uni-kl.de/~fischer/blog/20070411_Tabellen_in_LaTeX/
>> If you want to, I'll send you the patch.
> +1. I can help with the reformatting if you like.
>
> Cheers,
> Toby.
-------------- next part --------------
diff --git a/src/applied-crypto-hardening.tex b/src/applied-crypto-hardening.tex
index cebe64d..883c52e 100644
--- a/src/applied-crypto-hardening.tex
+++ b/src/applied-crypto-hardening.tex
@@ -41,6 +41,10 @@
\usepackage{hyperref}
\usepackage{draftwatermark}
+% human tables
+\usepackage{booktabs}
+\renewcommand{\arraystretch}{1.25}
+
\definecolor{green}{RGB}{32,113,10}
\definecolor{orange}{RGB}{251,111,16}
\definecolor{red}{RGB}{247,56,0}
diff --git a/src/cipher_suites.tex b/src/cipher_suites.tex
index 447f178..89343e6 100644
--- a/src/cipher_suites.tex
+++ b/src/cipher_suites.tex
@@ -66,13 +66,15 @@ This results in the string:
\begin{center}
-\begin{tabular}{| l | l | l | l | l| l | l |}
-\hline
-ID & OpenSSL name & Version & KeyEx & Auth & Cipher & Hash \\ \hline
-0xC030 & ECDHE-RSA-AES256-GCM-SHA384 & TLSv1.2 & ECDH & RSA &AESGCM(256) & AEAD \\ \hline
-0xC028 & ECDHE-RSA-AES256-SHA384 & TLSv1.2 & ECDH & RSA &AES(256) & SHA384 \\ \hline
-0x009F & DHE-RSA-AES256-GCM-SHA384 & TLSv1.2 & DH & RSA &AESGCM(256) & AEAD \\ \hline
-0x006B & DHE-RSA-AES256-SHA256 & TLSv1.2 & DH & RSA &AES(256) & SHA256 \\ \hline
+\begin{tabular}{l l l l l l l}
+\toprule
+ID & OpenSSL name & Version & KeyEx & Auth & Cipher & Hash \\
+\midrule
+0xC030 & ECDHE-RSA-AES256-GCM-SHA384 & TLSv1.2 & ECDH & RSA &AESGCM(256) & AEAD \\
+0xC028 & ECDHE-RSA-AES256-SHA384 & TLSv1.2 & ECDH & RSA &AES(256) & SHA384 \\
+0x009F & DHE-RSA-AES256-GCM-SHA384 & TLSv1.2 & DH & RSA &AESGCM(256) & AEAD \\
+0x006B & DHE-RSA-AES256-SHA256 & TLSv1.2 & DH & RSA &AES(256) & SHA256 \\
+\bottomrule
\end{tabular}
\end{center}
@@ -112,18 +114,19 @@ This results in the string:
\begin{center}
-\begin{tabular}{| l | l | l | l | l| l | l |}
-\hline
-ID & OpenSSL name & Version & KeyEx & Auth & Cipher & Hash \\ \hline
-0xC030 & ECDHE-RSA-AES256-GCM-SHA384 & TLSv1.2 & ECDH & RSA &AESGCM(256) & AEAD \\ \hline
-0xC028 & ECDHE-RSA-AES256-SHA384 & TLSv1.2 & ECDH & RSA &AES(256) & SHA384 \\ \hline
-0x009F & DHE-RSA-AES256-GCM-SHA384 & TLSv1.2 & DH & RSA &AESGCM(256) & AEAD \\ \hline
-0x006B & DHE-RSA-AES256-SHA256 & TLSv1.2 & DH & RSA &AES(256) & SHA256 \\ \hline
-0x0088 & DHE-RSA-CAMELLIA256-SHA & SSLv3 & DH & RSA &Camellia(256)& SHA1 \\ \hline
-0xC014 & ECDHE-RSA-AES256-SHA & SSLv3 & ECDH & RSA &AES(256) & SHA1 \\ \hline
-0x0039 & DHE-RSA-AES256-SHA & SSLv3 & DH & RSA &AES(256) & SHA1 \\ \hline
-0x0035 & AES256-SHA & SSLv3 & RSA & RSA &AES(256) & SHA1 \\ \hline
-
+\begin{tabular}{l l l l l l l}
+\toprule
+ID & OpenSSL name & Version & KeyEx & Auth & Cipher & Hash \\
+\midrule
+0xC030 & ECDHE-RSA-AES256-GCM-SHA384 & TLSv1.2 & ECDH & RSA &AESGCM(256) & AEAD \\
+0xC028 & ECDHE-RSA-AES256-SHA384 & TLSv1.2 & ECDH & RSA &AES(256) & SHA384 \\
+0x009F & DHE-RSA-AES256-GCM-SHA384 & TLSv1.2 & DH & RSA &AESGCM(256) & AEAD \\
+0x006B & DHE-RSA-AES256-SHA256 & TLSv1.2 & DH & RSA &AES(256) & SHA256 \\
+0x0088 & DHE-RSA-CAMELLIA256-SHA & SSLv3 & DH & RSA &Camellia(256)& SHA1 \\
+0xC014 & ECDHE-RSA-AES256-SHA & SSLv3 & ECDH & RSA &AES(256) & SHA1 \\
+0x0039 & DHE-RSA-AES256-SHA & SSLv3 & DH & RSA &AES(256) & SHA1 \\
+0x0035 & AES256-SHA & SSLv3 & RSA & RSA &AES(256) & SHA1 \\
+\bottomrule
\end{tabular}
\end{center}
@@ -210,34 +213,36 @@ We followed the recommendations by Ivan Ristic's SSL/TLS Deployment Best Practic
Following Ivan Ristic's adivce we arrived at a categorisation of cipher suites.
\begin{center}
-\begin{tabular}{| l | l | l | l | l|}
-\hline
-& Version & Key\_Exchange & Cipher & MAC \\ \hline
-\cellcolor{green}prefer & TLS 1.2 & DHE\_DSS & AES\_256\_GCM & SHA384 \\ \hline
- & & DHE\_RSA & AES\_256\_CCM & SHA256 \\ \hline
- & & ECDHE\_ECDSA & AES\_256\_CBC & \\ \hline
- & & ECDHE\_RSA & & \\ \hline
- & & & & \\ \hline
-\cellcolor{orange}consider & TLS 1.1 & DH\_DSS & AES\_128\_GCM & SHA \\ \hline
- & TLS 1.0 & DH\_RSA & AES\_128\_CCM & \\ \hline
- & & ECDH\_ECDSA & AES\_128\_CBC & \\ \hline
- & & ECDH\_RSA & CAMELLIA\_256\_CBC & \\ \hline
- & & RSA & CAMELLIA\_128\_CBC & \\ \hline
- & & & & \\ \hline
+\begin{tabular}{l l l l l}
+\toprule
+& Version & Key\_Exchange & Cipher & MAC \\
+\midrule
+\cellcolor{green}prefer & TLS 1.2 & DHE\_DSS & AES\_256\_GCM & SHA384 \\
+ & & DHE\_RSA & AES\_256\_CCM & SHA256 \\
+ & & ECDHE\_ECDSA & AES\_256\_CBC & \\
+ & & ECDHE\_RSA & & \\
+ & & & & \\
+\cellcolor{orange}consider & TLS 1.1 & DH\_DSS & AES\_128\_GCM & SHA \\
+ & TLS 1.0 & DH\_RSA & AES\_128\_CCM & \\
+ & & ECDH\_ECDSA & AES\_128\_CBC & \\
+ & & ECDH\_RSA & CAMELLIA\_256\_CBC & \\
+ & & RSA & CAMELLIA\_128\_CBC & \\
+ & & & & \\
\cellcolor{red}avoid
-& SSL 3.0 & NULL & NULL & NULL \\ \hline
- & & DH\_anon & RC4\_128 & MD5 \\ \hline
- & & ECDH\_anon & 3DES\_EDE\_CBC & \\ \hline
- & & & DES\_CBC & \\ \hline
- & & & & \\ \hline
+& SSL 3.0 & NULL & NULL & NULL \\
+ & & DH\_anon & RC4\_128 & MD5 \\
+ & & ECDH\_anon & 3DES\_EDE\_CBC & \\
+ & & & DES\_CBC & \\
+ & & & & \\
\cellcolor{blue}{\color{white}special }
-& & PSK & CAMELLIA\_256\_GCM & \\ \hline
- & & DHE\_PSK & CAMELLIA\_128\_GCM & \\ \hline
- & & RSA\_PSK & ARIA\_256\_GCM & \\ \hline
- & & ECDHE\_PSK & ARIA\_256\_CBC & \\ \hline
- & & & ARIA\_128\_GCM & \\ \hline
- & & & ARIA\_128\_CBC & \\ \hline
- & & & SEED & \\ \hline
+& & PSK & CAMELLIA\_256\_GCM & \\
+ & & DHE\_PSK & CAMELLIA\_128\_GCM & \\
+ & & RSA\_PSK & ARIA\_256\_GCM & \\
+ & & ECDHE\_PSK & ARIA\_256\_CBC & \\
+ & & & ARIA\_128\_GCM & \\
+ & & & ARIA\_128\_CBC & \\
+ & & & SEED & \\
+\bottomrule
\end{tabular}
\end{center}
@@ -268,19 +273,21 @@ Should a client not be able to use a specific cipher suite, it will fall back to
\begin{center}
\begin{table}[h]
\small
- \begin{tabular}{|l|l|l|l|l|}
- \hline
- Pref & Cipher Suite & ID & Browser \\ \hline
- 1 & TLS\_DHE\_RSA\_WITH\_AES\_256\_GCM\_SHA384 & 0x009f & OpenSSL command line client \\ \hline
- 2 & TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_CBC\_SHA384 & 0xC024 & Safari \\ \hline
- 3 & TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA384 & 0xC028 & Safari \\ \hline
- 4 & TLS\_DHE\_RSA\_WITH\_AES\_256\_CBC\_SHA256 & 0x006B & Safari, Chrome \\ \hline
- 5 & TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_CBC\_SHA & 0xC00A & Safari, Chrome, Firefox, IE \\ \hline
- 6 & TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA & 0xC014 & Safari, Chrome, Firefox, IE \\ \hline
- 7 & TLS\_DHE\_RSA\_WITH\_AES\_256\_CBC\_SHA & 0x0039 & Safari, Chrome, Firefox \\ \hline
- 8 & TLS\_DHE\_DSS\_WITH\_AES\_256\_CBC\_SHA & 0x0038 & Firefox, IE \\ \hline
- 9 & TLS\_DHE\_RSA\_WITH\_CAMELLIA\_256\_CBC\_SHA & 0x0088 & Firefox \\ \hline
- 10 & TLS\_DHE\_DSS\_WITH\_CAMELLIA\_256\_CBC\_SHA & 0x0087 & Firefox \\ \hline
+ \begin{tabular}{l l l l l}
+ \toprule
+ Pref & Cipher Suite & ID & Browser \\
+ \midrule
+ 1 & TLS\_DHE\_RSA\_WITH\_AES\_256\_GCM\_SHA384 & 0x009f & OpenSSL command line client \\
+ 2 & TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_CBC\_SHA384 & 0xC024 & Safari \\
+ 3 & TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA384 & 0xC028 & Safari \\
+ 4 & TLS\_DHE\_RSA\_WITH\_AES\_256\_CBC\_SHA256 & 0x006B & Safari, Chrome \\
+ 5 & TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_CBC\_SHA & 0xC00A & Safari, Chrome, Firefox, IE \\
+ 6 & TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA & 0xC014 & Safari, Chrome, Firefox, IE \\
+ 7 & TLS\_DHE\_RSA\_WITH\_AES\_256\_CBC\_SHA & 0x0039 & Safari, Chrome, Firefox \\
+ 8 & TLS\_DHE\_DSS\_WITH\_AES\_256\_CBC\_SHA & 0x0038 & Firefox, IE \\
+ 9 & TLS\_DHE\_RSA\_WITH\_CAMELLIA\_256\_CBC\_SHA & 0x0088 & Firefox \\
+ 10 & TLS\_DHE\_DSS\_WITH\_CAMELLIA\_256\_CBC\_SHA & 0x0087 & Firefox \\
+ \bottomrule
\end{tabular}
\caption{Preference order of cipher suites}
\label{table:prefOrderCipherSuites}
@@ -293,19 +300,21 @@ Table \ref{table:prefOrderOpenSSLNames} shows the same data again with specifyin
\begin{center}
\begin{table}[h]
\small
- \begin{tabular}{|l|l|l|}
- \hline
- Cipher Suite & ID & OpenSSL Name \\ \hline
- TLS\_DHE\_RSA\_WITH\_AES\_256\_GCM\_SHA384 & 0x009f & DHE-RSA-AES256-GCM-SHA384 \\ \hline
- TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_CBC\_SHA384 & 0xC024 & ECDHE-ECDSA-AES256-SHA384 \\ \hline
- TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA384 & 0xC028 & ECDHE-RSA-AES256-SHA384 \\ \hline
- TLS\_DHE\_RSA\_WITH\_AES\_256\_CBC\_SHA256 & 0x006B & DHE-RSA-AES256-SHA256 \\ \hline
- TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_CBC\_SHA & 0xC00A & ECDHE-ECDSA-AES256-SHA \\ \hline
- TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA & 0xC014 & ECDHE-RSA-AES256-SHA \\ \hline
- TLS\_DHE\_RSA\_WITH\_AES\_256\_CBC\_SHA & 0x0039 & DHE-RSA-AES256-SHA \\ \hline
- TLS\_DHE\_DSS\_WITH\_AES\_256\_CBC\_SHA & 0x0038 & DHE-DSS-AES256-SHA \\ \hline
- TLS\_DHE\_RSA\_WITH\_CAMELLIA\_256\_CBC\_SHA & 0x0088 & DHE-RSA-CAMELLIA256-SHA \\ \hline
- TLS\_DHE\_DSS\_WITH\_CAMELLIA\_256\_CBC\_SHA & 0x0087 & DHE-DSS-CAMELLIA256-SHA \\ \hline
+ \begin{tabular}{lll}
+ \toprule
+ Cipher Suite & ID & OpenSSL Name \\
+ \midrule
+ TLS\_DHE\_RSA\_WITH\_AES\_256\_GCM\_SHA384 & 0x009f & DHE-RSA-AES256-GCM-SHA384 \\
+ TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_CBC\_SHA384 & 0xC024 & ECDHE-ECDSA-AES256-SHA384 \\
+ TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA384 & 0xC028 & ECDHE-RSA-AES256-SHA384 \\
+ TLS\_DHE\_RSA\_WITH\_AES\_256\_CBC\_SHA256 & 0x006B & DHE-RSA-AES256-SHA256 \\
+ TLS\_ECDHE\_ECDSA\_WITH\_AES\_256\_CBC\_SHA & 0xC00A & ECDHE-ECDSA-AES256-SHA \\
+ TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA & 0xC014 & ECDHE-RSA-AES256-SHA \\
+ TLS\_DHE\_RSA\_WITH\_AES\_256\_CBC\_SHA & 0x0039 & DHE-RSA-AES256-SHA \\
+ TLS\_DHE\_DSS\_WITH\_AES\_256\_CBC\_SHA & 0x0038 & DHE-DSS-AES256-SHA \\
+ TLS\_DHE\_RSA\_WITH\_CAMELLIA\_256\_CBC\_SHA & 0x0088 & DHE-RSA-CAMELLIA256-SHA \\
+ TLS\_DHE\_DSS\_WITH\_CAMELLIA\_256\_CBC\_SHA & 0x0087 & DHE-DSS-CAMELLIA256-SHA \\
+ \bottomrule
\end{tabular}
\caption{Preference order of cipher suites, with OpenSSL names}
\label{table:prefOrderOpenSSLNames}
diff --git a/src/practical_settings.tex b/src/practical_settings.tex
index c37b44d..e929913 100644
--- a/src/practical_settings.tex
+++ b/src/practical_settings.tex
@@ -135,17 +135,15 @@ tested using https://www.ssllabs.com.
\begin{table}[h]
\centering
\small
- \begin{tabular}{|l|l|}
- \hline
+ \begin{tabular}{ll}
+ \toprule
Cipher Suite & Client \\
- \hline
+ \midrule
\verb|TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256| & only IE 10,11, OpenSSL 1.0.1e \\
- \hline
\verb|TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256| & Chrome 30, Opera 17, Safari 6+ \\
- \hline
\verb|TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA| & FF 10-24, IE 8+, Safari 5, Java 7\\
- \hline
- \end{tabular}
+ \bottomrule
+ \end{tabular}
\caption{Client support}
\label{tab:MS_IIS_Client_Support}
\end{table}
More information about the Ach
mailing list