On Mon, Sep 17, 2007, Besbello wrote: > Hi all, > working with Apache mod_ssl and different versions of Openssl, I've realized > that since version 0.9.8c, the ciphersuites called "rogue" have been > disabled. > I've read changelog but I can't understand the reason. > I'm interested in using a 56-bit cipher algorithm between my Apache server > and the client, because the latter is an small device with no much processor > power, so It cant support 128-bit cipher, but It can use 40 or 56 bit > cipher. >
There isn't a direct correlation between symmetric key size and processing power required. Indeed in some cases the actual key size indicates the entropy used as opposed to the physical key size: so a "40 bit key" may actually be a 128 bit key with 40 bits of entropy and you wouldn't notice any difference in speed. I'd suggest you do some tests to see what performance difference (if any) is present when using 128 bit keys. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
