[tor-bugs] #19998 [Core Tor/Tor]: Stop allowing 3DES in TLS ciphersuites
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Aug 26 14:07:04 UTC 2016
#19998: Stop allowing 3DES in TLS ciphersuites
------------------------------+--------------------------------
Reporter: nickm | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: .2 | Reviewer:
Sponsor: |
------------------------------+--------------------------------
Thanks to the SWEET32 attack, 3des is getting lots of attention.
Right now, Tor is willing in principle to negotiate a 3DES TLS connection.
But the good news is (I think) that two non-obsolete Tor instances will
never actually do so. Here is my reasoning:
* Our source code has always preferred AES to 3DES. So the only way to
get 3DES would be if one party didn't support AES.
* OpenSSL began supporting AES in version 0.9.7.
* Tor has required OpenSSL 0.9.7 or later since 7da93b80ca7a6ba , which
was in 0.2.0.10-alpha.
So this cipher shouldn't get negotiated, unless you're doing something
very very weird.
I suggest that the best fix is to stop servers from ever choosing it.
I suggest that as an additional fix, clients should reject a connection to
any server that _does_ choose it.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19998>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list