[Ach] bettercrypto.org using non-optimal crypto?

Pepi Zawodsky pepi.zawodsky at maclemon.at
Mon Jul 7 18:33:19 CEST 2014


On 07 Jul 2014, at 15:32, Alan Orth <alan.orth at gmail.com> wrote:
> I was just curious and checked the negotiated cipher suite used for
> bettercrypto.org, and I was a bit surprised to see that my Chrome 35 in
> GNU/Linux negotiated AES_256_CBC for encryption and SHA1 for message
> authentication.

Given the capabilities of Chrome, this comes logically.

The exact cipher is: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)

Chrome only supports AES in GCM mode for 128-bit strength, but not 256 bits. This is the reason why Chrome trickles down to the cipher that is eventually used. The site doesn't support any 128-bit ciphers.

BEAST is not exploitable in TLS 1.2.
LUCKY13 is exploitable but considered quite impractical.

Best regards