[gnutls-devel] cipher suites

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri Oct 25 09:53:02 CEST 2013


On 10/24/2013 04:37 PM, Stefan Bühler wrote:
> Hi,
> 
> On Tue, 22 Oct 2013 14:58:32 +0200
> Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> 
>> I have added most, if not all of the missing ciphersuites.
>> Unfortunately for several of them there are no test servers I can
>> test against (e.g., camellia-gcm). Hence, I have not enabled them by
>> default.
> 
> You missed 3 afaics:
> 
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

Indeed.

> TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
> TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384

These two exist though.

> With priority string "SECURE256:+SECURE128:-DHE-DSS:-ECDHE-ECDSA" this
> should lead to something like this right now:
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
> TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
> [...]
> 
> It would really be nice not to see a SHA1 cipher as first "non-GCM"
> cipher in that list - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384...

In the normal priority string HMAC-SHA1 is still preferred. SHA256 and
SHA384 add significant overhead per packet without really adding much
into security.

regards,
Nikos
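An added checker for the ordering question raised above (example code, not part of this thread or of GnuTLS): given the ciphersuite list GnuTLS enables for a priority string (in practice taken from `gnutls-cli --list --priority "..."`), it reports the first non-AEAD suite and whether its HMAC is SHA-1 (the `_SHA` suffix in IANA suite names). The sample list is constructed; its first three entries are the ones quoted in the thread, the remaining two are assumed.

```python
import re

# Constructed sample: the order Stefan expects from the priority string
# "SECURE256:+SECURE128:-DHE-DSS:-ECDHE-ECDSA". The first three names are
# quoted in the thread; the last two are assumed for illustration.
SAMPLE_ORDER = [
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
    "TLS_RSA_WITH_AES_256_GCM_SHA384",
]

# IANA naming: TLS_<kx>_WITH_<cipher>[_<hash>]; CCM suites carry no hash suffix.
SUITE_RE = re.compile(r"^TLS_(?P<kx>.+?)_WITH_(?P<cipher>.+?)(?:_(?P<hash>SHA\d*|MD5))?$")
AEAD_MODES = ("GCM", "CCM", "CHACHA20_POLY1305")
WEAK_MACS = ("SHA", "MD5")  # "SHA" alone means HMAC-SHA1

def suites_from_text(text):
    """Pull ciphersuite names, in order, out of arbitrary tool output."""
    return re.findall(r"TLS_[A-Z0-9_]+", text)

def parse_suite(name):
    """Split a suite name into key exchange, cipher, and MAC (None for AEAD)."""
    m = SUITE_RE.match(name)
    if not m:
        raise ValueError("unrecognised ciphersuite name: %s" % name)
    cipher = m.group("cipher")
    aead = any(mode in cipher for mode in AEAD_MODES)
    # For AEAD suites the hash suffix names the PRF, not a MAC.
    return {"kx": m.group("kx"), "cipher": cipher, "aead": aead,
            "mac": None if aead else m.group("hash")}

def first_non_aead(order):
    """Return (index, name) of the first suite that needs a separate MAC."""
    for i, name in enumerate(order):
        if not parse_suite(name)["aead"]:
            return i, name
    return None

def audit(order):
    """Report which non-AEAD suite is preferred first and whether its MAC is SHA-1/MD5."""
    found = first_non_aead(order)
    if found is None:
        return {"first_non_aead": None, "index": None, "mac": None, "weak_mac": False}
    idx, name = found
    mac = parse_suite(name)["mac"]
    return {"first_non_aead": name, "index": idx, "mac": mac, "weak_mac": mac in WEAK_MACS}

if __name__ == "__main__":
    print(audit(SAMPLE_ORDER))
```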
