[Cryptography] FREAK attack
Bill Frantz
frantz at pwpconsult.com
Thu Mar 5 13:08:35 EST 2015
On 3/5/15 at 5:10 AM, rsalz at akamai.com (Salz, Rich) wrote:
>Make a timeline for the past 15 years. Which ONE cipher suite should SSL/TLS have used?
While they are getting kind of long in the tooth, RSA-2048,
3DES, DHE-1024, & SHA1 would not have been bad choices. (For the
E language protocol, we used RSA-1024 for authentication with
the other three for PFS and HMAC). I think even nation state
level attackers will still have problems attacking these ciphers.
However, your point is well taken. If we stretch our time
horizon to 25 years, we need to have concerns about really
massively parallel attacks, and the quantum systems are making
continued, if slow, progress.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz        | Re: Hardware Management Modes: | Periwinkle
(408)356-8506      | If there's a mode, there's a   | 16345 Englewood Ave
www.pwpconsult.com | failure mode. - Jerry Leichter | Los Gatos, CA 95032