[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
gnutls-3.0.9, PSK and SECURE256
From: |
Michael Weiser |
Subject: |
gnutls-3.0.9, PSK and SECURE256 |
Date: |
Sat, 17 Dec 2011 21:36:11 +0100 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
Hello list,
Hi Nikos,
my home-grown stunnel-lookalike uses gnutls and PSK. I run it with the
following ciphersuite priority specification:
SECURE256:+ECDHE-PSK:+DHE-PSK:+PSK.
After upgrading to gnutls-3.0.9 it no longer works. This seems to be
due to the fact that PSK ciphersuites use AES128 at most. Up until 3.0.9
they used to belong to SECURE256 but now got removed. So in order to be
able to use PSK I have to switch to SECURE128.
I don't want to debate the reason for removing AES128 from SECURE256.
Obviously the security level with SECURE128 is just as high (or low) as
before. Rather I wonder, why PSK isn't used in conjunction with AES256?
--
Thanks for any insights,
Micha
- gnutls-3.0.9, PSK and SECURE256,
Michael Weiser <=