[Ach] Cipher-Order: AES128/AES256 - was: Secure E-Mail Transport based on DNSSec/TLSA/DANE

Dahlberg, David david.dahlberg at fkie.fraunhofer.de
Wed Nov 4 11:32:46 CET 2015


On Tuesday, 03.11.2015 at 23:08 +0100, Gunnar Haslinger wrote:
> On 03.11.2015 at 22:38, Aaron Zauner wrote:
> > I recommend double-checking a cipherstring recommendation against
> > *all* 0.9.8 and 1.0.1 branches.
> 
> OK ... that's harder than I expected.
> But then it seems to be unsolvable for me to get a predictable
> situation
> by recommending a fixed "Cipher Suite B" String.

Okay, I did already write a lengthy text to contribute to this thread,
but dismissed it as the TL;DR was "it doesn't matter". So then ... 

Speaking a bit along the line of Terje: Please consider the scope of the
document. It is not to find the best solution, which will work for
everyone. It is a first go-to reference for people that want to set up a
server on their own with sane crypto that works appropriately for the
most common use-cases. If you need a solution for your multi-million
dollar mobile banking app, you should probably do some additional
research of your own or pay somebody to do this for you.

Effectively, both DHE and ECDHE can be considered sane today. The same
is true for AES128 and AES256. Having lengthy discussions about which
one should be preferred does not lead us anywhere, nor trying to pin
down the exact preference order in every imaginable combination of
applications. If "Configuration B" results in a non-optimised but still
quite workable result for all platforms, so be it. People who want to
self-host their blog and secure it with TLS should be served well with
"Configuration B", regardless of whether AES128 or AES256 is king.

People who have to consider stuff like computational complexity, be it
because they are dealing with (broken) mobile devices that claim to
support algorithms which in reality they cannot, cannot expect to find a
simple cut-and-paste-template that fits all of their (and everybody
else's) needs. Still they may use ACH as a first point of reference.

Would it be appreciated if I wrote some prose to section 1 that
addresses the targeted audience and scope? Hopefully this could also
avoid reactions of people like him:

http://www.heise.de/security/artikel/Das-BSI-und-der-Elfenbeinturm-2589893.html (German only)

Cheers

	David

