openSSL and SLOTH attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> Does FIPS mode prevent use of MD5: Yes.

> Does FIPS mode prevent insecure uses of SHA-1 (a FIPS
> algorithm): No.

> Does FIPS mode prevent the SSL/TLS handshake from using 96 bit
> truncated HMAC values: Probably not.

> Does FIPS mode prevent use of the insecurely designed
> 'tls-unique' feature: Probably not.

This is what I read so far, thanks for the confirmation.  1.01f though, will
be good, will it, FIPS mode or not ?




--
View this message in context: http://openssl.6102.n7.nabble.com/openSSL-and-SLOTH-attack-tp62055p62080.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux