Security/Server Side TLS: Difference between revisions

Jump to navigation Jump to search

Security/Server Side TLS (view source)

Revision as of 17:40, 14 October 2013

No change in size ,  14 October 2013
→‎Prioritization logic
No edit summary
Line 100: Line 100:
= Prioritization logic =
= Prioritization logic =


* ECDHE+AESGCM ciphers are selected first. These are TLS 1.2 ciphers and not widely supported at the moment. No known attack currently target these ciphers.
# ECDHE+AESGCM ciphers are selected first. These are TLS 1.2 ciphers and not widely supported at the moment. No known attack currently target these ciphers.
* PFS ciphersuites are preferred, with ECDHE first, then DHE.
# PFS ciphersuites are preferred, with ECDHE first, then DHE.
* AES 128 is preferred to AES 256
# AES 128 is preferred to AES 256
** research shows that AES256 doesn't increase the security level significantly compared to AES128. Moreover, AES256 might be more exposed to timing attacks. Increased computational time contributes to prefer 128 bits.
## research shows that AES256 doesn't increase the security level significantly compared to AES128. Moreover, AES256 might be more exposed to timing attacks. Increased computational time contributes to prefer 128 bits.
* AES is preferred to RC4
# AES is preferred to RC4
** Beast attacks on AES are mitigated in TLS1.1 and above, and difficult to achieve in TLS1.0. In comparison, attacks on RC4 are not mitigated and likely to become more and more dangerous.
## Beast attacks on AES are mitigated in TLS1.1 and above, and difficult to achieve in TLS1.0. In comparison, attacks on RC4 are not mitigated and likely to become more and more dangerous.


= Mandatory discards =
= Mandatory discards =
Ulfr
Confirmed users
529

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/728709"

Navigation menu