Re: [TLS] Ordered list of cypher strengths
Michael D'Errico <mike-list@pobox.com> Sat, 17 October 2009 15:34 UTC
Return-Path: <mike-list@pobox.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 50A5F3A68AE for <tls@core3.amsl.com>; Sat, 17 Oct 2009 08:34:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qQaRkAoLW4lz for <tls@core3.amsl.com>; Sat, 17 Oct 2009 08:34:09 -0700 (PDT)
Received: from sasl.smtp.pobox.com (a-pb-sasl-sd.pobox.com [64.74.157.62]) by core3.amsl.com (Postfix) with ESMTP id CD4EC3A6827 for <tls@ietf.org>; Sat, 17 Oct 2009 08:34:08 -0700 (PDT)
Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-sd.pobox.com (Postfix) with ESMTP id 6CC167BB18 for <tls@ietf.org>; Sat, 17 Oct 2009 11:34:13 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=message-id :date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; s=sasl; bh=hWSb23F4uzLn gJouhEMj6yKGoXE=; b=dSu3Kf3zvtJmcr44Ox9typCN2lWQHinMLiZjLRedQUzu IzdO+aM/PEB2pFv2oUA7XRnNH+IryIJgvLS7ZPRKaX3Segd3AcgskOsAHS9y/uzB lPgKGfe/pym0DiWcpEpPtLmvuNqb2wat5NxYh8dJnvDNkrSr4syp+KgD+y5aTGU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=message-id:date :from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s=sasl; b=PbRrGZ e+yqu6D1DqCDlL9VL05nAGBXVYE0i3nGBrruR5t9Kk3jOY3U8pKJfBMqpoPkLfS1 pPaTBj8qNJ/TI/KzNE5XxynwxwS0Eo0KZQ6gFdVFAO+T+tMqX62/ZUN7hgU+INlO K51a1yZ/Al+KBa+N8CVxxtJcKcbwQ6zqWD5wo=
Received: from a-pb-sasl-sd.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-sd.pobox.com (Postfix) with ESMTP id 69EE57BB17 for <tls@ietf.org>; Sat, 17 Oct 2009 11:34:13 -0400 (EDT)
Received: from administrators-macbook-pro.local (unknown [24.234.114.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by a-pb-sasl-sd.pobox.com (Postfix) with ESMTPSA id E95E47BB16 for <tls@ietf.org>; Sat, 17 Oct 2009 11:34:12 -0400 (EDT)
Message-ID: <4AD9E408.7040709@pobox.com>
Date: Sat, 17 Oct 2009 08:34:32 -0700
From: Michael D'Errico <mike-list@pobox.com>
User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812)
MIME-Version: 1.0
To: tls@ietf.org
References: <4FD799C7F81B44C094DFF8409F368F35@GIH.CO.UK>
In-Reply-To: <4FD799C7F81B44C094DFF8409F368F35@GIH.CO.UK>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
X-Pobox-Relay-ID: 85B8955E-BB32-11DE-9C81-A67CBBB5EC2E-38729857!a-pb-sasl-sd.pobox.com
Content-Transfer-Encoding: quoted-printable
Subject: Re: [TLS] Ordered list of cypher strengths
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Oct 2009 15:34:11 -0000
This is a difficult question to answer. There are three factors to consider when determining the relative strengths of cipher suites. First there is the key exchange mechanism, such as RSA, DHE_DSS, etc. Second is the bulk encryption algorithm and key length, and third is the MAC. The key exchange mechanism is problematic because there is no way to specify the key length by the client; the server selects it. Many servers use 1024-bit RSA keys and 1024-bit Diffie-Hellman parameters which roughly correspond to "only" 80 bits of security. This may be the weak link. Using AES-256 may provide no more security than RC4 if a 1024-bit RSA key exchange is done. I know this is not the answer you were hoping for, but the reality is you can't create the list you want. Also, with email, messages are only protected in transit. The server at each hop will have the full plaintext of your message. And even if the first hop uses TLS for that transfer, there is no guarantee that TLS will be used on every transfer all the way to the recipient. And then once it's at the recipient, you don't know that they've set up their mail client to use TLS with POP3 or IMAP. Mike ---- http://mikestoolbox.com Olivier MJ Crepin-Leblond wrote: > Hello there, > > could someone please point me to references or a page discussing cypher > strengths and listing them in increasing order, in an email specific > context? For example, I'm seeing emails transfers which seem to be using: > > - AES256-SHA > - RC4-MD5 > - DHE-RSA-AES256-SHA > - ADH-AES256-SHA > - EDH-RSA-DES-CBC3-SHA > > etc. > > I know of the page: http://www.openssl.org/docs/apps/ciphers.html which > lists cypher suites, but are these listed in order of increasing strength? > > Warm regards, > > -- > Olivier MJ Crépin-Leblond, PhD > http://www.gih.com/ocl.html
- [TLS] Ordered list of cypher strengths Olivier MJ Crepin-Leblond
- Re: [TLS] Ordered list of cypher strengths Michael D'Errico