[Ach] bettercrypto.org using non-optimal crypto?
Aaron Zauner
azet at azet.org
Tue Jul 8 11:06:15 CEST 2014
Hi Alan,

Alan Orth wrote:
> Thanks for the explanation, Pepi and Aaron. The choices seem reasonable
> now that you explained the logic.

Short update on that; I asked Adam Langley from Google via Twitter
yesterday why Chrome does not support a stronger HMAC. He pointed out
that AES-CBC mode is still susceptible to the Lucky13 Attack, which I -
to be honest - totally forgot about. So your concern is valid.

What I don't understand is why your Chrome did not negotiate for
AES-GCM. On which platform are you testing this (OS and architecture)?

Aaron