[Ach] bettercrypto.org using non-optimal crypto?

Alan Orth alan.orth at gmail.com
Mon Jul 7 21:06:13 CEST 2014


On 07/07/2014 07:33 PM, Pepi Zawodsky wrote:
> Hoi!
> 
> On 07 Jul 2014, at 15:32, Alan Orth <alan.orth at gmail.com> wrote:
>> I was just curious and checked the negotiated cipher suite used for
>> bettercrypto.org, and I was a bit surprised to see that my Chrome 35 in
>> GNU/Linux negotiated AES_256_CBC for encryption and SHA1 for message
>> authentication.
> 
> Given the capabilities of Chrome this comes logically.
> https://www.ssllabs.com/ssltest/viewClient.html?name=Chrome&version=34
> 
> The exact cipher is: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)
> 
> Chrome only supports AES in GCM mode for 128 bit strength, but not 256bits. This is the reason why Chrome trickles down to the cipher that is eventually used. The site doesn't support any 128bit ciphers.
> 
> BEAST is not exploitable in TLS 1.2.
> LUCKY13 is exploitable but considered quite impractical.
> 
> Best regards
> Pepi
> 

Thanks for the explanation, Pepi and Aaron.  The choices seem reasonable
now that you explained the logic.

-- 
Alan Orth
alan.orth at gmail.com
http://alaninkenya.org
http://mjanja.co.ke
"I have always wished for my computer to be as easy to use as my
telephone; my wish has come true because I can no longer figure out how
to use my telephone." -Bjarne Stroustrup, inventor of C++
GPG public key ID: 0x8cb0d0acb5cd81ec209c6cdfbd1a0e09c2f836c0

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140707/ded43845/attachment.sig>


More information about the Ach mailing list