On Wed, Aug 24, 2016 at 8:28 PM, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote:
> Only if there's an actualy issue. 3DES is still very widely supported > (particularly in financial systems and embedded) As someone who works professionally in the payments industry alongside people who are directly implementing EMV protocols, let me note: those are not IETF protocols and should not have bearing on IETF/IRTF decisions regarding deprecations of protocols in TLS or other IETF protocols. But I'm mainly concerned with TLS... and provides a useful backup to AES. So does ChaCha20. > An attack that recovers cookie if you can record 785GB of traffic isn't > anything I'm losing any sleep over. ..but is not a terribly dissimilar traffic volume to recover plaintexts from similar attacks against RC4, which received "diediedie" in RFC7465. Perhaps notable is the RC4 attacks work across multiple session keys, whereas SWEET32 requires the same key, but I think the practical consequences regarding data volume limits are similar. -- Tony Arcieri
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
