Hi Victor, PKI Handshakes are always the cause of worry when it comes to performance but now I am facing problems even with the normal encryption. The data size is around 2k. Woud you suggest using RC4-MD5?
On Thu, Jun 5, 2008 at 9:12 PM, Victor Duchovni < [EMAIL PROTECTED]> wrote: > On Thu, Jun 05, 2008 at 08:20:31PM -0700, Ace wrote: > > > I know that DHE-RSA-AES256-SHA is more secure than RC4-SHA > > The DHE part especially, as it yields forward-secrecy. So far, RC4 > with fully random keys has held up reasonably well. > > > but it needs > > more computation power and RC4-MD5 is faster. > > > I saw the mixed response on > > RC4-MD5 usage. OpenSSL lists it as medium strength cipher but I found > that > > many people have listed attacks on this, possible in an hour. > > 1 hour attacks against 128-bit RC4 are not yet published in the academic > (non-military) crypto community. > > > What is the > > releality? How much secure is to go with RC4-MD5? Is there any other > suite > > that is faster and secure too than DHE-RSA-AES256-SHA? I know that DES > and > > 3DES are bad. What about IDEA-CBC-SHA? It is faster but is it secure too? > > What problem are you solving? Is bulk encryption performance (as opposed > to say, PKI handshakes, ...) really your bottleneck? > > -- > Viktor. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > -- I may be miles away... but I am just a email away.... so keep emailing...!!! Cheers, Rajan
