On 05.12.2013 20:15, Viktor Dukhovni wrote:
> On Wed, Dec 04, 2013 at 01:29:09PM +0100, Fedor Brunner wrote:
>
>> The default cipher settings in OpenSSL prefer 3DES over AES-128. In
>> general, Triple DES with three independent keys has a key length of 168
>> bits, but due to the meet-in-the-middle attack, the effective security
>> it provides is only 112 bits. Triple DES is much slower than 128 bit
>> AES. Why is the 3DES cipher preferred over AES-128?
>
> Larger key-space (and prohibitive space requirements for
> meet-in-the-middle attacks).
>
> You can safely disable 3DES, and improve inter-operability (e.g.
> some older Windows systems have problems with 3DES). Set the
> cipherlist to:
>
>     DEFAULT:!SSLv2:!EXPORT:!LOW:!3DES:!IDEA:!RC2
>
> None of the excluded ciphersuites are used much if at all, and
> removing them can improve interoperability with some sites.
>

Thanks for the information. My concern was for

    openssl ciphers 'HIGH:!aNULL'

where 3DES is preferred over AES128.

I think 3DES should be dropped from "high" encryption cipher suites.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
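A way to audit the ordering discussed in this thread, as an added example that is not part of the original messages: it lists the suites a cipher string selects in the local OpenSSL build (through Python's ssl module) and reports any 3DES suite ranked ahead of an AES-128 suite. The function names and SAMPLE_ORDER are assumptions made for illustration; results for a real cipher string depend on the linked OpenSSL version.

```python
import ssl

# Constructed sample ordering of the kind the thread describes, with 3DES
# ranked above AES-128. It is not captured from a real OpenSSL build.
SAMPLE_ORDER = [
    "DHE-RSA-AES256-SHA",
    "AES256-SHA",
    "EDH-RSA-DES-CBC3-SHA",
    "DES-CBC3-SHA",
    "DHE-RSA-AES128-SHA",
    "AES128-SHA",
]

def is_3des(name):
    # OpenSSL names 3DES suites with "DES-CBC3"; IANA-style names use "3DES".
    return "DES-CBC3" in name or "3DES" in name

def is_aes128(name):
    # "AES128" in OpenSSL names, "AES_128" in TLS 1.3 / IANA-style names.
    return "AES128" in name or "AES_128" in name

def tdes_above_aes128(names):
    """Return the 3DES suites that outrank at least one AES-128 suite."""
    aes_positions = [i for i, n in enumerate(names) if is_aes128(n)]
    if not aes_positions:
        return []
    last_aes = aes_positions[-1]
    return [n for i, n in enumerate(names) if is_3des(n) and i < last_aes]

def local_order(cipher_string):
    """Suites selected by cipher_string in the local OpenSSL, in preference order."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return [c["name"] for c in ctx.get_ciphers()]

if __name__ == "__main__":
    print("sample:", tdes_above_aes128(SAMPLE_ORDER))
    # The two cipher strings quoted in the thread.
    for spec in ("HIGH:!aNULL", "DEFAULT:!SSLv2:!EXPORT:!LOW:!3DES:!IDEA:!RC2"):
        hits = tdes_above_aes128(local_order(spec))
        print(spec, "->", hits or "no 3DES ranked above AES-128")
```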