Thanks Rich. More newbie questions. Looking at the available ciphers I see this:

>./openssl ciphers -v 'ALL:aNULL' |grep ECDH |grep "Au=None"
AECDH-AES256-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(256)  Mac=SHA1
AECDH-AES128-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(128)  Mac=SHA1
AECDH-RC4-SHA           SSLv3 Kx=ECDH     Au=None Enc=RC4(128)  Mac=SHA1
AECDH-DES-CBC3-SHA      SSLv3 Kx=ECDH     Au=None Enc=3DES(168) Mac=SHA1
AECDH-NULL-SHA          SSLv3 Kx=ECDH     Au=None Enc=None      Mac=SHA1

1) What arg to SSL_CTX_set_cipher_list() do I need to use to get these? I previously tried "kEECDH:kEDH" and that didn't work.

2) These ciphers all report as SSLv3. Do I have to use SSLv3 client/server methods to get access to these ciphers? I was using TLS 1.2 (TLSv1_2_server_method()) methods.

Norm Green

On 5/24/16 10:08, Salz, Rich wrote:
>> 1) The wiki says don't use ADH, presumably because ADH provides
>> encryption but not authentication and is exposed to man in the middle
>> attacks. Is that the only reason?
> Use ECDH, it's less expensive computationally.
>
>> 2) Are the same encryption keys used every time with ADH?
> Yes. That's the other BIG reason :) You really want ephemeral, and therefore ECDH
>
>> 3) Is it possible to use ephemeral DH without using certificates? I was not
>> able to get that to work.
> Yes. This is "null" auth.
>
>> 4) What is the best practice for establishing an anonymous encrypted
>> channel using OpenSSL?
> Postfix does this kind of thing, as does other SMTP software. Look around for 'opportunistic encryption' perhaps.
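The `openssl ciphers -v` lines above can be audited mechanically so that suites with Au=None (no peer authentication, hence the man-in-the-middle exposure discussed in the thread) or Enc=None never reach a production cipher list by accident. The following parser and audit is an added example, not code from this thread or from OpenSSL; the sample input is constructed from the lines quoted above plus one authenticated TLS 1.2 suite for contrast.

```python
import re

# Constructed sample: the `openssl ciphers -v` lines quoted in the thread, plus one
# authenticated TLS 1.2 suite (ECDHE-RSA-AES256-GCM-SHA384) added for contrast.
SAMPLE_CIPHERS_V = """\
AECDH-AES256-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(256)  Mac=SHA1
AECDH-AES128-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(128)  Mac=SHA1
AECDH-RC4-SHA           SSLv3 Kx=ECDH     Au=None Enc=RC4(128)  Mac=SHA1
AECDH-DES-CBC3-SHA      SSLv3 Kx=ECDH     Au=None Enc=3DES(168) Mac=SHA1
AECDH-NULL-SHA          SSLv3 Kx=ECDH     Au=None Enc=None      Mac=SHA1
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
"""

# One suite per line: <name> <min protocol> then Key=Value fields (Kx, Au, Enc, Mac).
LINE_RE = re.compile(r"^(?P<name>\S+)\s+(?P<proto>\S+)\s+(?P<rest>.*)$")
FIELD_RE = re.compile(r"(\w+)=(\S+)")


def parse_ciphers_v(text):
    """Parse `openssl ciphers -v` output into dicts: name, proto, kx, au, enc, mac."""
    suites = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        suite = {"name": m.group("name"), "proto": m.group("proto")}
        suite.update({k.lower(): v for k, v in FIELD_RE.findall(m.group("rest"))})
        suites.append(suite)
    return suites


def audit(suites):
    """Return {suite name: [findings]}; an empty list means nothing was flagged."""
    report = {}
    for s in suites:
        findings = []
        if s.get("au") == "None":
            findings.append("Au=None: peer is not authenticated, active MITM possible")
        if s.get("enc") == "None":
            findings.append("Enc=None: no confidentiality at all")
        elif s.get("enc", "").startswith(("RC4", "3DES")):
            findings.append("legacy cipher: " + s["enc"])
        report[s["name"]] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(parse_ciphers_v(SAMPLE_CIPHERS_V)).items():
        print(name, "->", "; ".join(findings) or "ok")
```

Feeding it the real output of `openssl ciphers -v '<your cipher string>'` shows exactly which suites a candidate SSL_CTX_set_cipher_list() argument would enable and which of them lack authentication.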