[Ach] Vote for new Cipherstring B [Was: Issue with OpenSSL >0.9.8l]
Aaron Zauner
azet at azet.org
Wed Jun 4 15:24:44 CEST 2014
Hi Philip,
Philipp Gühring wrote:
> Hi,
>
> I dont't mind dropping *256, but I currently believe that SHA384 is the
> only secure hash in the SHA2 family, all other hashes leak their
> complete internal state. Length-Extension-Attack...
> From security point of view, I would drop SHA2-256 and SHA2-512, and
> promote SHA2-384.
> But I do not know what that means interoperability-wise.
There is no support for SHA384 with 128 bit symmetric ciphers in TLS:
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
So,.. keeping them is completely useless if we drop *256.
Aaron
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140604/b1ab3879/attachment.sig>
More information about the Ach
mailing list