[Cryptography] FREAK attack
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Thu Mar 5 23:13:15 EST 2015
Bill Frantz <frantz at pwpconsult.com> writes:
>On 3/5/15 at 5:10 AM, rsalz at akamai.com (Salz, Rich) wrote:
>>Make a timeline for the past 15 years. Which ONE cipher suite should
>>SSL/TLS have used?
>
>While they are getting kind of long in the tooth, RSA-2048, 3DES,
>DHE-1024, & SHA1 would not have been bad choices.
+1. The only other requirement would be to go to EtM, which Hugo Krawczyk
pointed out for SSL in "The Order of Encryption and Authentication" about
fifteen years ago, so that falls within the "past 15 years" requirement.
Make that change and about 95% of all crypto-related atacks on SSL/TLS [0]
would never have happened (NB: this is specifically crypto-related attacks,
not protocol flaws like rehandshake issues which fall outside the scope of the
crypto).
Peter.
[0] Anyone want to go through the complete catalogue and see whether anything
would have succeeded? The "95%" figure is freely pulled from thin air,
but it could be closer to 100%.
More information about the cryptography
mailing list