"Stitching" is an optimization where you have algorithm A (e.g. AES-CBC) and algorithm B (e.g. HMAC-SHA2) working on the same data, and you interleave the instructions of A and B. (This can improve performance by increasing port and EU utilization relative to running A and B sequentially). I believe OpenSSL uses stitched implementations in TLS for AES-CBC + HMAC-SHA1/2, if they exist for the platform. Also note that "AEAD ciphersuites are not impacted", i.e. AES-GCM and ChaPoly are not impacted. Cheers, Marian Am 27.02.19 um 03:56 schrieb M K Saravanan: > Hi, > > In the context of https://www.openssl.org/news/secadv/20190226.txt > > ====== > In order for this to be exploitable "non-stitched" ciphersuites must be in use. > ====== > > what is "non-stitched" ciphersuites means? > > with regards, > Saravanan >
