[gnutls-devel] forcing 256bit symetric?

Peter Williams home_pw at msn.com
Thu Apr 16 19:40:35 CEST 2015

we never intended that the ssl ciphersuite addressed cert algs.

one has to be carefuy in designing security protocols (specially if one knows something about how they can and typically are designed-in by standards committee “consensus” to be broken by cryptanalytical hardware tuned into oracles).

Sent from Windows Mail

From: James Cloos
Sent: ‎Thursday‎, ‎April‎ ‎16‎, ‎2015 ‎10‎:‎20‎ ‎AM
To: Nikos Mavrogiannopoulos
Cc: GnuTLS development list

>>>>> "NM" == Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:

JC>> What is the shortest priority to demand aes256, prefering aead, but
JC>> accept the certs in actual use in the wild?


That gave me the hint I needed.  I ended up with:


I'll add +AES-256-CCM once I know it is happy on my box.

>> SECURE256 fails because it demands sha512 and essentially no one uses
>> that to sign certs.

NM> Correct. We may need different keywords to indicate secrecy level of
NM> 256-bits, while keeping the handshake security level to the current
NM> defaults.

Sounds like a plan.

James Cloos <cloos at jhcloos.com>         OpenPGP: 0x997A9F17ED7DAEA6

Gnutls-devel mailing list
Gnutls-devel at lists.gnutls.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150416/fc001529/attachment.html>

More information about the Gnutls-devel mailing list