[Ach] OpenSSL Cipher Strings: kDHE/kECDHE

Aaron Zauner azet at azet.org
Mon Mar 9 18:02:18 CET 2015

Hi Peter,

Peter Ulber wrote:
> Hi,
> today we had a talk about mod_ssl and mod_tls. While discussing the matter we had taken a look at the configuration tool offered by Mozilla:
> https://mozilla.github.io/server-side-tls/ssl-config-generator/
> Because I mainly use GnuTLS I am not that familiar with OpenSSL Cipher Strings, so I want to ask, if someone can explain the meaning of kEDH/kDHE and kEECDH/kECDHE? As far as I understand, that one should not use ADH because of MITM attacks. But why one would use DHE/ECDHE with anonymous cipher suites? Is that not as vulnerable to MITM attacks as ADH/AECDH? 

DHE/ECDHE are /not/ anonymous.

> Here is, what the manual and the wiki say:
> https://wiki.openssl.org/index.php/Manual:Ciphers%281%29#CIPHER_STRINGS
> https://wiki.openssl.org/index.php/Diffie_Hellman
> but because there is no ADHE or AECDHE I'm not sure I understand the meaning of kDHE and kECDHE. Overall I find the notation of the cipher suites which OpenSSL is using very confusing ... compared to GnuTLS ;-)

It's confusing. So the basic story behind this is that OpenSSL has
changed their naming of (and how they interpret) cipherstrings. Where
kDHE/kECDHE are the "newer" nomenclature. Because we also need to
support old OpenSSL versions we use the old nomenclature.

If you want to play around with that:


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20150309/8c008a67/attachment.sig>

More information about the Ach mailing list