Opened 6 years ago

Closed 6 years ago

#11499 closed task (fixed)

Sort list of cipher suites by clear goals

Reported by: cypherpunks Owned by:
Priority: Medium Milestone: Tor: 0.2.5.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-relay tls 024-backport
Cc: Actual Points:
Parent ID: #11513 Points:
Reviewer: Sponsor:

Description

Current order of ciphers to choose by server side:
TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256
TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS1_TXT_DHE_RSA_WITH_AES_256_SHA
TLS1_TXT_DHE_RSA_WITH_AES_128_SHA
TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA
SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA

Why CBC is better than GCM?
What goals?
If speed then why AES_128_SHA256 is better than AES_128_CBC_SHA?

Child Tickets

Change History (3)

comment:1 Changed 6 years ago by nickm

Keywords: tls 024-backport added
Parent ID: #11513

comment:2 Changed 6 years ago by nickm

Status: newneeds_review

See #11513 for patch.

comment:3 Changed 6 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

#11513 patch is merged into 0.2.5 and marked for 0.2.4 backport; closing this one.

Note: See TracTickets for help on using tickets.