On Thu, Jun 05, 2008 at 08:20:31PM -0700, Ace wrote:
> I know that DHE-RSA-AES256-SHA is more secure than RC4-SHA
The DHE part especially, as it yields forward-secrecy. So far, RC4
with fully random keys has held up reasonably well.
> but it needs
> more computation power and RC4-MD5 is faster.
> I saw the mixed response on
> RC4-MD5 usage. OpenSSL lists it as medium strength cipher but I found that
> many people have listed attacks on this, possible in an hour.
1 hour attacks against 128-bit RC4 are not yet published in the academic
(non-military) crypto community.
> What is the
> releality? How much secure is to go with RC4-MD5? Is there any other suite
> that is faster and secure too than DHE-RSA-AES256-SHA? I know that DES and
> 3DES are bad. What about IDEA-CBC-SHA? It is faster but is it secure too?
What problem are you solving? Is bulk encryption performance (as opposed
to say, PKI handshakes, ...) really your bottleneck?
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
