gnutls-3.0.9, PSK and SECURE256

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

gnutls-3.0.9, PSK and SECURE256

From:	Michael Weiser
Subject:	gnutls-3.0.9, PSK and SECURE256
Date:	Sat, 17 Dec 2011 21:36:11 +0100
User-agent:	Mutt/1.5.21 (2010-09-15)

Hello list,
Hi Nikos,

my home-grown stunnel-lookalike uses gnutls and PSK. I run it with the
following ciphersuite priority specification:
SECURE256:+ECDHE-PSK:+DHE-PSK:+PSK.

After upgrading to gnutls-3.0.9 it no longer works. This seems to be
due to the fact that PSK ciphersuites use AES128 at most. Up until 3.0.9
they used to belong to SECURE256 but now got removed. So in order to be
able to use PSK I have to switch to SECURE128.

I don't want to debate the reason for removing AES128 from SECURE256.
Obviously the security level with SECURE128 is just as high (or low) as
before. Rather I wonder, why PSK isn't used in conjunction with AES256?
-- 
Thanks for any insights,
Micha

[Prev in Thread]

Current Thread

[Next in Thread]

gnutls-3.0.9, PSK and SECURE256, Michael Weiser <=
- Re: gnutls-3.0.9, PSK and SECURE256, Nikos Mavrogiannopoulos, 2011/12/18
  - Re: gnutls-3.0.9, PSK and SECURE256, Michael Weiser, 2011/12/18
    - Re: gnutls-3.0.9, PSK and SECURE256, Nikos Mavrogiannopoulos, 2011/12/18
    - Re: gnutls-3.0.9, PSK and SECURE256, Michael Weiser, 2011/12/19

Prev by Date: gnutls 3.0.9
Next by Date: Re: gnutls-3.0.9, PSK and SECURE256
Previous by thread: gnutls 3.0.9
Next by thread: Re: gnutls-3.0.9, PSK and SECURE256
Index(es):
- Date
- Thread