On 2014-06-30 02:35, Hubert Kario wrote:
The benefits of ECDHE outweigh the risks of using RC4,
I have to disagree here. Even 1024 bit DHE requires a targeted attack at ~80 bit
complexity. Currently we see RC4 at around 56 bit, with a completely unoptimized
attack...
Do you have a reference for those 56 bit? You're not talking about the
old export ciphers I hope? I haven't seen anything saying that the 128
bit RC4 has a complexity of 56 bit. If it's really at 56 bit, we should
disable it everywhere now, no matter if it breaks things or not.
I think we should do all that's possible to avoid RC4. I think that for
now we should follow Microsoft in not having RC4 in the initial
handshake and if fails retry with RC4 enabled. It's my understanding
that that should reduce RC4 usage from 20% of the sites to 1%.
Kurt
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
