On 1/25/2017 4:36 PM, sivmu wrote:
> Basically if you can collect a few hundred GB of data, it is trivial to
> calculate the key. There is a prove of concept for https connections,
> although I believe this is especially relevant for VPN connections
> (openvpn uses a 64 bit ciphers (blowfish) by default)
>

Thanks for bringing up the point about OpenVPN. I use it myself. I
already had it set to AES-128-CBC, but I upgraded to the git 2.5 master
version and set it to AES-256-GCM. This is one of the settings they
recommend in their response to the issue [0] since GCM support was added
in 2.4.

[0]https://community.openvpn.net/openvpn/wiki/SWEET32

--
Antony

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to