Re: Use of SSL as a VPN
From: Matthew Lange (mmlange@yahoo.com)
Date: 02/17/03
- Next message: Scott Contini: "Re: Q: Efficient computation of inverse in Z_(2^n)"
- Previous message: Mads Rasmussen: "Re: cidd/rcrx is my cipher"
- In reply to: dazedandconfused: "Re: Use of SSL as a VPN"
- Next in thread: Peter Gutmann: "Re: Use of SSL as a VPN"
- Reply: Peter Gutmann: "Re: Use of SSL as a VPN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Matthew Lange <mmlange@yahoo.com> Date: Mon, 17 Feb 2003 17:53:43 GMT
dazedandconfused wrote:
> I'm not a cryptographer either, but I can tell you that there is a
> perceived deficiency in SSL because of its use of MD5 for generating
> key material. According to this document, TLS is ok though.
I agree. We've mandated the use of SHA-1 because of perceived problems
with MD5.
The real problem we're trying to solve here is the perfect forward
secrecy (PFS) issue. We don't doubt the strength of the crypto in SSL
itself, but we *are* extremely concerned about the exchange of the
master secret and pre-master secrets...and the compromise of those keys.
If we *were* to use EDH with SSL, we're also concerned that the key
length is mandated (by way of RFC, CPU constraints, and possibly export
restrictions) to 512 bits or less. A lot of regulations suggest that
anything less than 1,024 bits is bad, though they don't make specific
mention of the type of crypto (RSA vs DH). This again relates to our
question about PFS with SSL using DH.
Any insight that anybody has about these issues would be greatly
appreciated.
- Matt
- Next message: Scott Contini: "Re: Q: Efficient computation of inverse in Z_(2^n)"
- Previous message: Mads Rasmussen: "Re: cidd/rcrx is my cipher"
- In reply to: dazedandconfused: "Re: Use of SSL as a VPN"
- Next in thread: Peter Gutmann: "Re: Use of SSL as a VPN"
- Reply: Peter Gutmann: "Re: Use of SSL as a VPN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
