Re: Attacks on IPsec

From: Peter Gutmann (pgut001_at_cs.auckland.ac.nz)
Date: 06/14/05


Date: 14 Jun 2005 11:22:12 GMT

bmoeller@acm.org (Bodo Moeller) writes:

>There are other ciphersuites that don't do everything you might expect
>from a ciphersuite: TLS_RSA_WITH_NULL_MD5 and TLS_RSA_WITH_NULL_SHA.
>These do not provide data encryption, but they do provide
>authentication (but I don't thin anyone uses them).

I know of banks that use them over leased-line links to mainframes, where CPU
cycles are expensive.

Peter.