[Cryptography] SSL combines two aspects of communication

Viktor Dukhovni cryptography at dukhovni.org
Tue Jan 13 19:13:08 EST 2015

On Wed, Jan 14, 2015 at 10:00:50AM +1030, Andreas Junius wrote:

> I've been working on a secure application for a while that is based on
> https. One of the problems I found with SSL is that it combines two aspects
> of communication, i.e. authentication and encryption. These two aspects have
> contradicting requirements. One of the requirements for authentication is
> that the certificate should not frequently change (most SSL certificates are
> valid for one or two years). And I think an important requirement for
> encryption is that a key gets not longer used than absolutely necessary,
> i.e. it should be as short-living as possible.

The introduction to the below document is not SMTP specific:


> I did all this because some sources claim the NSA is able to crack a SSL key
> in about 10 days;

Regardless of the key length?  Not terribly credible.  Once the
paranoia sets in, people seem to become lot more gullible about
claims that validate their fears.

> which means they can then read all communication with the
> targeted server for the remaining validity period of the SSL certificate.

Only if RSA key transport is used with a key length they can crack.

> But the question remains: does this system actually add to security? What do
> you think?

Your system is likely needlessly complex.  If they want your traffic,
they'll attack something other than the crypto.  Enable forward-secrecy
on the server and client, either 2048-bit DHE or 256-bit ECDHE.


More information about the cryptography mailing list