authorNikos Mavrogiannopoulos <nmav@gnutls.org>2012-01-09 21:38:33 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2012-01-09 21:38:55 +0100
commit2cac1ae6f667a9bbba8fd090a7d560cb6a64db80 (patch)
treed089089d9767d6883a28c85201704715c7c6f941
parent2aa6a1eb270188f99caaaa25f44af042f8e9a4f7 (diff)
downloadgnutls-2cac1ae6f667a9bbba8fd090a7d560cb6a64db80.tar.gz
Defined more precisely the SECURE levels.
-rw-r--r--doc/cha-gtls-app.texi22
-rw-r--r--lib/gnutls_priority.c5
2 files changed, 20 insertions, 7 deletions
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index d5932b56fe..6b408110ee 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -699,12 +699,14 @@ included as a fallback only. The ciphers are sorted by security
margin.
@item SECURE128 @tab
-Means all "secure" ciphersuites of security level 128-bit
-or more.
+Means all "secure" ciphersuites that offer a
+security level 128-bit or more and a message authenticity
+security level of 80 bits or more.
@item SECURE192 @tab
-Means all "secure" ciphersuites of security level 192-bit
-or more.
+Means all "secure" ciphersuites that offer a
+security level 192-bit or more and a message authenticity
+security level of 128 bits or more.
@item SECURE256 @tab
Currently alias for SECURE192.
@@ -736,8 +738,16 @@ compression NULL; for certificate types X.509.
In key exchange algorithms when in NORMAL or SECURE levels the
perfect forward secrecy algorithms take precedence of the other
protocols. In all cases all the supported key exchange algorithms
- are enabled (except for the RSA-EXPORT which is only enabled in
-EXPORT level).
+are enabled@footnote{Except for the RSA-EXPORT which is only enabled in
+EXPORT level.}.
+
+Note that the SECURE levels distinguish between overall security level and
+message authenticity security level. That is because the message
+authenticity security level requires the adversary to break
+the algorithms at real-time during the protocol run, whilst
+the overall security level refers to off-line adversaries
+(e.g. adversaries breaking the ciphertext years after it was captured).
+
The NONE keyword, if used, must followed by the algorithms to be enabled,
and is used to provide the exact list of requested algorithms@footnote{To avoid collisions in order to specify a compression algorithm in
this string you have to prefix it with "COMP-", protocol versions
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index 0a79b67e8d..79573ed59f 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -370,7 +370,9 @@ static const int cipher_priority_secure128[] = {
GNUTLS_CIPHER_AES_128_CBC,
GNUTLS_CIPHER_CAMELLIA_128_CBC,
GNUTLS_CIPHER_AES_128_GCM,
- GNUTLS_CIPHER_3DES_CBC,
+ GNUTLS_CIPHER_AES_256_CBC,
+ GNUTLS_CIPHER_CAMELLIA_256_CBC,
+ GNUTLS_CIPHER_AES_256_GCM,
0
};
@@ -474,6 +476,7 @@ static const int mac_priority_suiteb192[] = {
};
static const int mac_priority_secure128[] = {
+ GNUTLS_MAC_SHA1,
GNUTLS_MAC_SHA256,
GNUTLS_MAC_SHA384,
GNUTLS_MAC_AEAD,
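Review bot: GNUTLS_MAC_SHA1 is placed at the head of mac_priority_secure128, ahead of SHA256, SHA384 and AEAD; if this array is consulted in order, as its name and the documentation's "sorted by security margin" wording suggest, HMAC-SHA1 becomes the preferred MAC for SECURE128 rather than the weakest one still accepted. Appending it after `GNUTLS_MAC_AEAD,` would keep SHA-1 available as a fallback while peers that offer SHA-2 MACs still get them, which matches the "80 bits or more" floor the commit documents rather than a preference for it. Whatever the placement, the choice deserves a comment so nobody later removes or reorders it without knowing the rationale, e.g. `/* SHA-1 stays: SECURE128 only requires 80-bit online (MAC) security, see cha-gtls-app.texi */`. I cannot see the code that consumes this array, so the ordering concern is inferred from the name and the documentation; the array's terminator and closing brace lie outside the hunk.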