On Tue, 2020-09-08 at 17:39 +0000, Yury Mazin via openssl-users wrote:
> Hello,
>
> I have a question based on the response provided to me:
>
> My question is why following openssl commands (version 1.1.1f) return those TLSv1.3 ciphers as offering no authentication and no encryption?

What do you mean by no authentication and no encryption? The encryption is provided as you can see with the Enc=.... value. And authentication is provided as well because Au=any applies here meaning any authentication method available in TLS-1.3 protocol.

As it was explained before the cipher string does not apply to TLS-1.3 ciphersuites so it does not matter if you put NULL, eNULL, aNULL or anything else as the last parameter of the ciphers command.

> Yury
>
> From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> on behalf of Viktor Dukhovni <openssl-users@xxxxxxxxxxxx>
> Sent: Friday, September 4, 2020 12:10 PM
> To: openssl-users@xxxxxxxxxxx <openssl-users@xxxxxxxxxxx>
> Subject: Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option
>
> On Fri, Sep 04, 2020 at 07:00:01PM +0000, Yury Mazin via openssl-users wrote:
>
> > Thank you Benjamin,
> >
> > According to OpenSSL, aNULL stands for no-authentication.
>
> Specifically, SSL 3.0 through TLS 1.2 ciphers in which the server and client exchange no certificates, and the TLS handshake consists largely of an unsigned anonymous ephemeral DH or ECDH key exchange.
>
> TLS 1.3 dropped support for anonymous DH and ECDH. Server certificates are *required*. And the all-in-one ciphersuites of TLS <= 1.2, are replaced with separately negotiated components. As a result of which, in OpenSSL 1.1.1 and later, they are controlled via a different set of APIs and command-line options.
>
> Specifically, in your case, the "-ciphers aNULL" option only applies to TLS <= 1.2
>
> > Does it mean that all 3 default protocols of TLS 1.3 offer no authentication
>
> No. None of them "support no authentication" (which is not even strictly true, it is the protocol that does not support "no authentication", the TLS 1.3 ciphers are simply silent re certificate algorithm selection), but the "-cipher aNULL" is simply not used when TLS 1.3 is negotiated, so your question makes incorrect assumptions to reach its tentative conclusions.
>
> --
> Viktor.

--
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your conscience.]
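Added example, not from the thread or from OpenSSL itself: a small Python parser for `openssl ciphers -v` output that separates the TLSv1.3 suites (Kx=any/Au=any, listed regardless of the cipher string) from the TLS <= 1.2 ciphers the string actually selected, so an audit flags real Au=None or Enc=None entries and does not mistake the TLS 1.3 rows for them. The sample output below is constructed in the 1.1.1 `ciphers -v` format; the function names are my own.

```python
import re
from typing import Dict, List

# Constructed sample of `openssl ciphers -v aNULL` output (OpenSSL 1.1.1 format).
# The three TLSv1.3 suites appear no matter what cipher string was given; the
# Au=None rows are the genuine anonymous (aNULL) TLS <= 1.2 ciphers.
SAMPLE_OUTPUT = """\
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
ADH-AES256-GCM-SHA384   TLSv1.2 Kx=DH       Au=None Enc=AESGCM(256) Mac=AEAD
AECDH-AES256-SHA        TLSv1   Kx=ECDH     Au=None Enc=AES(256)  Mac=SHA1
"""

# One `ciphers -v` row: name, protocol, then Kx=, Au=, Enc=, Mac= fields.
LINE_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<proto>\S+)\s+Kx=(?P<kx>\S+)\s+Au=(?P<au>\S+)"
    r"\s+Enc=(?P<enc>\S+)\s+Mac=(?P<mac>\S+)"
)


def parse_ciphers_v(text: str) -> List[Dict[str, str]]:
    """Parse `openssl ciphers -v` lines into dicts; lines that do not match are skipped."""
    suites = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            suites.append(m.groupdict())
    return suites


def audit(text: str) -> Dict[str, List[str]]:
    """Split TLS 1.3 suites from what the cipher string really enabled for TLS <= 1.2."""
    result: Dict[str, List[str]] = {"tls13": [], "anonymous": [], "null_encryption": []}
    for s in parse_ciphers_v(text):
        if s["proto"] == "TLSv1.3":
            # Kx=any / Au=any: key exchange and authentication are negotiated
            # separately in TLS 1.3; this is not "no authentication".
            result["tls13"].append(s["name"])
            continue
        if s["au"] == "None":          # aNULL: no server authentication
            result["anonymous"].append(s["name"])
        if s["enc"] == "None":         # eNULL: no encryption
            result["null_encryption"].append(s["name"])
    return result
```

Feeding real `openssl ciphers -v '<string>'` output into `audit()` shows which TLS <= 1.2 ciphers the string enabled, while the TLS 1.3 list stays the same for any string and must be changed with `-ciphersuites` instead.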