Opened 8 years ago

Closed 8 years ago

#6906 enhancement closed fixed (fixed)

Prefer RSA-AES128-GCM over RSA-AES256-CBC

Reported by: Hynek Schlawack Owned by: Hynek Schlawack
Priority: normal Milestone:
Component: core Keywords:
Cc: Branch: branches/prefer-gcm-over-cbc-6906
branch-diff, diff-cov, branch-cov, buildbot
Author: hynek


As Alex pointed out, until we support PFS (DH/ECDHE) key exchange, the current cipher string favors AES256-CBC over AES128-GCM. Although the former sounds more impressive, the latter is more modern, more secure, and faster.

The solution is to simply split up RSA+AES into RSA+AESGCM:RSA+AES so both kinds of GCM are preferred over CBC.

Change History (6)

comment:1 Changed 8 years ago by Hynek Schlawack

Author: hynek
Branch: branches/prefer-gcm-over-cbc-6906

(In [41306]) Branching to prefer-gcm-over-cbc-6906.

comment:2 Changed 8 years ago by Hynek Schlawack

Keywords: review added

Additionally to splitting AES, I’ve also added a more verbose comment about the intent behind the string to make it more comprehensible.

The bots are green, pyflakes and Win7 are unrelated.

comment:3 Changed 8 years ago by Hynek Schlawack

Owner: Hynek Schlawack deleted

comment:4 Changed 8 years ago by dstufft

Owner: set to dstufft
Status: newassigned

comment:5 Changed 8 years ago by dstufft

Keywords: review removed
Owner: changed from dstufft to Hynek Schlawack
Status: assignednew


comment:6 Changed 8 years ago by Hynek Schlawack

Resolution: fixed
Status: newclosed

(In [41308]) Merge prefer-gcm-over-cbc-6906

Author: hynek Reviewer: dstufft Fixes: #6906

Prefer any kind of AES-GCM over any kind of AES-CBC. Add intent behind cipher string.

Note: See TracTickets for help on using tickets.