[gnutls-devel] cipher suites
Nikos Mavrogiannopoulos
nmav at gnutls.org
Sun Oct 13 17:22:26 CEST 2013
On Sun, Oct 13, 2013 at 3:36 PM, Stefan Bühler <stbuehler at lighttpd.net> wrote:
> Hi again,
> Ok. So I did some research to find all not supported ciphersuites
> (using the list from debian unstable, gnutls 3.2.4), and grouped them.
Thanks, that's a nice list. I'll check it more thoroughly over the next few
days. For now I'll only answer for the ones for which there is a reason for
their not being there.
> export ciphers (GNUTLS_CIPHER_ARCFOUR_40 and GNUTLS_CIPHER_RC2_40_CBC
> exist but are unused, DES40 doesn't exist):
I removed them on purpose with gnutls 3.2. There is no longer a reason
for the export ciphersuites and if used they are most probably used in
a downgrade attack.
> DES cipher (GNUTLS_CIPHER_DES_CBC exists, but isn't used):
We never added this, as DES was introduced in TLS pretty much the same
time the export controls were lifted and 3DES was a better choice.
> IDEA cipher:
Too old cipher and I don't think there is any reason to use it today.
> SEED cipher:
We don't have seed in nettle. It could be considered if there is a
need for this cipher.
> AES-CCM ciphers:
AES-CCM is a very inefficient mode of AES. Currently we have AES-GCM,
which is considerably better. We could add it if there is a reason for it.
> ARIA cipher:
Same as seed.
> DH_DSS and DH_RSA key exchange:
No-one uses static DH keys. I don't think anyone ever did. The data
from the SSL observatory show 0 certificates using static DH keys on
the Internet. This is the reason we never supported them.
> ECDH_ECDSA and ECDH_RSA key exchange:
The same as static DH keys.
regards,
Nikos
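The groups Nikos lists above (export suites, single DES, IDEA, SEED, ARIA, AES-CCM, and the static DH/ECDH key exchanges) are recognisable from the IANA ciphersuite names alone, so a server operator can check a scanner's output against that policy without consulting GnuTLS itself. The following is an added example, not code from the mailing list or from GnuTLS: it classifies IANA-style suite names into those groups using name patterns (the rules and the constructed sample list are my assumptions, derived from the categories in the mail, not an official GnuTLS list).

```python
import re

# Each rule maps a category from the mail to a pattern over the IANA
# TLS_*_WITH_* suite name.  Order matters: an export suite such as
# TLS_RSA_EXPORT_WITH_DES40_CBC_SHA is reported as "export", not "single-DES".
RULES = [
    # export-grade suites: EXPORT / EXPORT1024 marker, 40-bit keys, DES40
    ("export", re.compile(r"_EXPORT(1024)?_|_40_|DES40")),
    # single DES; 3DES_EDE does not match because of the leading '3'
    ("single-DES", re.compile(r"_WITH_DES_CBC")),
    ("IDEA", re.compile(r"_IDEA_")),
    ("SEED", re.compile(r"_SEED_")),
    ("ARIA", re.compile(r"_ARIA_")),
    # AES-CCM and the truncated-tag CCM_8 variants, at end of name or followed by '_'
    ("AES-CCM", re.compile(r"_CCM(_8)?(_|$)")),
    # static (non-ephemeral) DH: TLS_DH_RSA_ / TLS_DH_DSS_, but not TLS_DHE_
    ("static-DH", re.compile(r"^TLS_DH_(RSA|DSS)_")),
    # static ECDH: TLS_ECDH_ECDSA_ / TLS_ECDH_RSA_, but not TLS_ECDHE_
    ("static-ECDH", re.compile(r"^TLS_ECDH_(ECDSA|RSA)_")),
]


def classify(suite):
    """Return the category from the mail a suite falls into, or None if it
    is in none of them (i.e. nothing in the mail argues against it)."""
    for name, pattern in RULES:
        if pattern.search(suite):
            return name
    return None


def audit(suites):
    """Map each suite name to its category (None when unflagged)."""
    return {s: classify(s) for s in suites}


# Constructed sample input: the kind of list a scanner might report for a
# permissive server.  These are IANA names, not GnuTLS identifiers.
SAMPLE_SUITES = [
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_RSA_WITH_DES_CBC_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_IDEA_CBC_SHA",
    "TLS_RSA_WITH_SEED_CBC_SHA",
    "TLS_RSA_WITH_ARIA_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_CCM",
    "TLS_DHE_RSA_WITH_AES_128_CCM_8",
    "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    for suite, category in audit(SAMPLE_SUITES).items():
        print(f"{suite:45s} {category or 'ok'}")
```

Suites reported as `ok` are simply ones the mail raises no objection to; the script is an aid for reading a scan against the mail's categories, not a complete modern ciphersuite policy.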