nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-28 06:13:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
175b2678d7
tor/changes/tls_ecdhe
Nick Mathewson 175b2678d7 Let servers choose better ciphersuites when clients support them 
This implements the server-side of proposal 198 by detecting when
clients lack the magic list of ciphersuites that indicates that
they're lying faking some ciphers they don't really have.  When
clients lack this list, we can choose any cipher that we'd actually
like.  The newly allowed ciphersuites are, currently, "All ECDHE-RSA
ciphers that openssl supports, except for ECDHE-RSA-RC4".

The code to detect the cipher list relies on on (ab)use of
SSL_set_session_secret_cb.
2012-12-25 20:14:07 -05:00

25 lines
1.2 KiB
Plaintext
Raw Blame History

o Major features:
- Servers can now enable the ECDHE TLS ciphersuites when
available and appropriate. These ciphersuites, when used with
the P-256 elliptic curve, let us negotiate forward-secure TLS
secret keys more safely and more efficiently than with our
previous use of Diffie Hellman modulo a 1024-bit prime.
Enabling these ciphers was a little tricky, since for a long
time, clients had been claiming to support them without
actually doing so, in order to foil fingerprinting. But with
the client-side implementation of proposal 198 in
0.2.3.17-beta, clients can now match the ciphers from recent
firefox versions *and* list the ciphers they actually mean, so
servers can believe such clients when they advertise ECDHE
support in their TLS ClientHello messages.
This feature requires clients running 0.2.3.17-beta or later,
and requires both sides to be running OpenSSL 1.0.0 or later
with ECC support. OpenSSL 1.0.1, with the compile-time option
"enable-ec_nistp_64_gcc_128", is highly recommended.
Implements the server side of proposal 198; closes ticket
7200.
Reference in New Issue View Git Blame Copy Permalink