protect
against this attack if the session caching is disabled?
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF)
Is it necessary to disable resumption using a different function?
Kind regards,
Fedor Brunner
-BEGIN PGP SIGNATURE
On 05.12.2013 20:15, Viktor Dukhovni wrote:
> On Wed, Dec 04, 2013 at 01:29:09PM +0100, Fedor Brunner wrote:
>
>> The default cipher settings in OpenSSL prefer 3DES over AES-128. In
>> general, Triple DES with three independent keys has a key length of 168
>> bits, bu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi all,
the default cipher settings in OpenSSL prefer 3DES over AES-128. In
general, Triple DES with three independent keys has a key length of 168
bits, but due to the meet-in-the-middle attack, the effective security
it provides is only 112 bits
Hello,
there are two sets of DH parameters, is there a difference?
./crypto/dh/dh2048.pem
./crypto/dh/dh512.pem
./crypto/dh/dh192.pem
./crypto/dh/dh4096.pem
./crypto/dh/dh1024.pem
./apps/dh2048.pem
./apps/dh512.pem
./apps/dh4096.pem
./apps/dh1024.pem
In DH parameters in ./apps there reference to
Hello,
there are two sets of DH parameters, that is the difference?
./crypto/dh/dh2048.pem
./crypto/dh/dh512.pem
./crypto/dh/dh192.pem
./crypto/dh/dh4096.pem
./crypto/dh/dh1024.pem
./apps/dh2048.pem
./apps/dh512.pem
./apps/dh4096.pem
./apps/dh1024.pem
In DH parameters in ./apps there reference to
