alleged attack on TLS

Chris Palmer snackypants at
Wed Sep 21 20:06:02 CEST 2011

On Wed, Sep 21, 2011 at 10:50 AM, Nikos Mavrogiannopoulos
<nmav at> wrote:

> Unfortunately RC4 is the weakest cipher in TLS. Although no attacks are
> known for RC4 in TLS, I don't know if switching to it is a real solution.

Well, we know AES-CBC has at least the one weakness (although BEAST's
applicability to real attack scenarios may be arguable).

Anyway, Google uses RC4 for performance reasons, and it's by no means
the weak link in the chain. As long as it's not something blatantly
broken like RC4-40, the cipher suite is never the weak link in the

"These days, though, you have to be pretty technical before you can
even aspire to crudeness." — William Gibson

More information about the Gnutls-devel mailing list