[Ach] Vote for new Cipherstring B [Was: Issue with OpenSSL >0.9.8l]

Aaron Zauner azet at azet.org
Fri May 16 15:10:03 CEST 2014



MacLemon wrote:
> On 15.05.2014, at 21:54, Aaron Zauner <azet at azet.org> wrote:
>> some daemons have problems with cipherstrings that long (e.g.
>> OpenVPN
> 
> IIRC OpenVPN is the ONLY daemon we currently know of that limits the config line length to 255 chars and hence may run into a problem. Did any of us already file a bug upstream with OpenVPN to fix that?
> 
We know of. Right. As someone who has seen quite some messy C code that
people ship in software - I am certain that we will run into more
problems. Just waiting for the first buffer-overrun reports because of
our cipherstring :D
Simplifying the cipherstring also makes it easier to keep track of what's
in there and for new users to actually understand what it does. I really
see no reason to ship a massive cipherstring if we do not need to.

Torsten already makes some good points in terms of preference (Handshake
or Ciphers?). As I mentioned earlier: If a client supports AES it'll
always choose AES256, the only exception being Java that does not
support AES256 on all platforms by default (needs to be configured)
where the AES128 fallback makes sense.

As I said - that's not a priority for me, but we need to have a
cipherstring that works on both OpenSSL 0.9.8 and 1.0.0.

It's important that we get this out soon, as of today our paper
recommends a cipherstring that yields inferior security for all software
linked against any OpenSSL 0.9.8 version. We de facto remove Forward
Secrecy for these users. Even defaults are more secure in most cases.

Aaron

