[Cryptography] SSL combines two aspects of communication
Viktor Dukhovni
cryptography at dukhovni.org
Tue Jan 13 19:13:08 EST 2015
On Wed, Jan 14, 2015 at 10:00:50AM +1030, Andreas Junius wrote:
> I've been working on a secure application for a while that is based on
> https. One of the problems I found with SSL is that it combines two aspects
> of communication, i.e. authentication and encryption. These two aspects have
> contradicting requirements. One of the requirements for authentication is
> that the certificate should not frequently change (most SSL certificates are
> valid for one or two years). And I think an important requirement for
> encryption is that a key is used no longer than absolutely necessary,
> i.e. it should be as short-living as possible.
The introduction to the below document is not SMTP specific:
http://www.postfix.org/FORWARD_SECRECY_README.html#dfn_fs
> I did all this because some sources claim the NSA is able to crack an SSL key
> in about 10 days;
Regardless of the key length? Not terribly credible. Once the
paranoia sets in, people seem to become a lot more gullible about
claims that validate their fears.
> which means they can then read all communication with the
> targeted server for the remaining validity period of the SSL certificate.
Only if RSA key transport is used with a key length they can crack.
> But the question remains: does this system actually add to security? What do
> you think?
Your system is likely needlessly complex. If they want your traffic,
they'll attack something other than the crypto. Enable forward-secrecy
on the server and client, either 2048-bit DHE or 256-bit ECDHE.
--
Viktor.
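
Added example, not part of the original message: one way to apply and verify the advice above with Python's standard `ssl` module, restricting a context to ephemeral (EC)DHE key exchange and auditing which enabled suites still use non-forward-secret key transport. The cipher string and the function names are assumptions chosen for illustration.

```python
import ssl

# Forward-secret TLS 1.2 suites only; no PSK, no anonymous key exchange.
# (Assumed cipher string for this example, in OpenSSL cipher-list syntax.)
FS_CIPHERS = "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!PSK:!aNULL"


def is_forward_secret(cipher):
    """cipher is one dict as returned by SSLContext.get_ciphers()."""
    kea = cipher.get("kea") or ""
    if kea:
        # 'kx-any' marks TLS 1.3 suites, which use ephemeral (EC)DHE in a
        # certificate-authenticated handshake; 'kx-rsa' is RSA key transport.
        return kea == "kx-any" or "dhe" in kea
    # Fallback for builds that do not report 'kea': decide by suite name.
    return cipher["name"].startswith(("ECDHE-", "DHE-", "TLS_"))


def non_fs_suites(ctx):
    """Names of enabled suites whose session keys depend on a long-term key."""
    return [c["name"] for c in ctx.get_ciphers() if not is_forward_secret(c)]


def forward_secret_context(server_side=False):
    proto = ssl.PROTOCOL_TLS_SERVER if server_side else ssl.PROTOCOL_TLS_CLIENT
    ctx = ssl.SSLContext(proto)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(FS_CIPHERS)
    if server_side:
        ctx.set_ecdh_curve("prime256v1")  # 256-bit ECDHE group
        # For DHE suites a server also needs 2048-bit parameters:
        # ctx.load_dh_params(path_to_dh_params_file)
    return ctx


if __name__ == "__main__":
    contexts = [("default client", ssl.create_default_context()),
                ("restricted client", forward_secret_context()),
                ("restricted server", forward_secret_context(True))]
    for label, ctx in contexts:
        print(label, "non-FS suites:", non_fs_suites(ctx) or "none")
```

A real server context still needs `load_cert_chain()` before it can accept connections; the audit itself works without a certificate.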