[Cryptography] Retire all 64-bit block ciphers.
Ray Dillinger
bear at sonic.net
Wed Aug 24 17:06:59 EDT 2016
http://blog.cryptographyengineering.com/2016/08/attack-of-week-64-bit-ciphers-in-tls.html
So it turns out that on average after you've sent 32 Gbytes using a
64-bit block cipher in CBC mode (ie, normal for TLS) there's a
plaintext recovery attack that starts working. Even if the attacker
hasn't the key.
Time to up the game to ciphers with 128-bit blocks.
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160824/2e16b1d0/attachment.sig>
More information about the cryptography
mailing list