[Cryptography] DROWN attack on SSLv2 enabled servers

Stephen Farrell stephen.farrell at cs.tcd.ie
Sun Mar 6 18:07:44 EST 2016



On 06/03/16 20:29, ianG wrote:
> 
> 
> The fundamental systemic problem I believe is that few of the crypto
> projects have a holistic view to upgrade.  Instead, they've preferred to
> travel with the false sirens of algorithm agility.

Nonsense. DROWN is a contra-indicator for your favourite approach of
protocol versioning.

In fact, none of algorithm agility, protocol versioning, upgrade, or the
lack of upgrade is what caused DROWN. DROWN was caused by two
things: primarily 1) government mandated weak crypto, but also 2) not
removing old code because of inappropriately assigning priority to
interoperability above everything else.

Just because you constantly profess your dislike for that particular
hammer does not mean that there are no nails that it can whack well :-)

> 
> Mass upgrade is easier said than done - it's taken years for Microsoft
> and Apple to bed it in.  But it's much harder if you don't face up to it.

That is very true.

Even with s/w update, the various folks involved (which includes us on
here) have to decide to remove old code. And we have to fight against
stupid government/law-enforcement attempts to weaken security and
privacy via crap crypto and other bad ideas. Within the technical
community we have pretty good agreement about the latter. But sadly
we are far from on the same page as to the former.

S.
