Bug 1248345 - AES in GCM mode is only available with ECC based PFS
Status: RESOLVED DUPLICATE of bug 1029179
Product/Component: Core :: Security: PSM (defect)
Reporter: bjoern; Assignee: Unassigned
Opened 8 years ago; closed 8 years ago
Description

User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0
Build ID: 20160209233610

Steps to reproduce:

In bug #1029179 it was already discussed to enable AES in GCM with DHE and not only with ECDHE. One important point was missing in that discussion: today's ECC cryptography will be weak as soon as quantum computers become usable, and they are making more and more progress. Actually the public won't know how much progress has been made in some labs. See also https://en.wikipedia.org/wiki/Elliptic_curve_cryptography#Quantum_computing_attacks and this quote from https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml:

--snip--
Until this new (quantum computing safe cipher) suite is developed and products are available implementing the quantum resistant suite, we will rely on current algorithms. For those partners and vendors that have not yet made the transition to Suite B elliptic curve algorithms, we recommend not making a significant expenditure to do so at this point but instead to prepare for the upcoming quantum resistant algorithm transition.
--

Sites which want to be sure that their encrypted traffic will not be decipherable due to progress of quantum computing in the next years will disable elliptic curves and use DHE and not ECDHE for PFS. Also have in mind that due to Grover's algorithm with quantum computing the key length of symmetric keys will be effectively divided by 2, so AES256 is advisable.

For those reasons Firefox should also offer something like TLS_DHE_RSA_WITH_AES_256_GCM_SHA256.
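As an added illustration of the classification the description argues for (example code written for this page, not Firefox or NSS code), the script below parses IANA-style TLS 1.2 cipher suite names, records whether a suite's forward secrecy comes from an elliptic-curve key exchange and whether the bulk cipher is an AEAD, and halves the symmetric key length to reflect Grover's algorithm. The suite list is constructed for the example; the suite the reporter asks for appears under its registered IANA name, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384. One caveat a practitioner would want: Shor's algorithm breaks finite-field Diffie-Hellman and RSA as well as ECDH, so preferring DHE over ECDHE does not by itself buy quantum resistance; only the symmetric-strength half of the argument is captured by the Grover halving.

```python
"""Classify TLS 1.2 cipher suites by key-exchange family and Grover-adjusted strength.

Added example for this bug, not Firefox/NSS code.  It parses IANA-style suite
names, records whether the key exchange is elliptic-curve based and whether the
bulk cipher is an AEAD, and halves the symmetric key length to reflect Grover's
algorithm.  Shor's algorithm breaks finite-field DH as well as ECDH, so
"PFS without EC" is not the same thing as quantum resistance.
"""
import re
from dataclasses import dataclass
from typing import List

# Constructed sample list (not any real client's list).  The suite the reporter
# asks for is given under its IANA name, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384.
SAMPLE_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_256_GCM_SHA384",
]

# TLS_<kex>[_<auth>]_WITH_<bulk cipher>_<PRF/MAC hash>
_SUITE_RE = re.compile(
    r"^TLS_(?P<kex>ECDHE|ECDH|DHE|DH|RSA)"
    r"(?:_(?P<auth>RSA|ECDSA|DSS|anon))?"
    r"_WITH_(?P<cipher>.+)_(?P<mac>SHA384|SHA256|SHA)$"
)
_AES_RE = re.compile(r"^AES_(?P<bits>128|256)_(?P<mode>GCM|CCM|CBC)(?:_8)?$")


@dataclass(frozen=True)
class SuiteInfo:
    name: str
    kex: str               # ECDHE, DHE, ECDH, DH or RSA
    auth: str              # signature/authentication algorithm (RSA for static RSA)
    forward_secrecy: bool  # ephemeral key exchange (ECDHE or DHE)
    ec_kex: bool           # key exchange relies on elliptic curves
    aead: bool             # GCM, CCM or ChaCha20-Poly1305
    key_bits: int          # nominal symmetric key length
    grover_bits: int       # effective key-search cost under Grover: key_bits / 2


def _bulk_cipher(cipher: str):
    """Return (key_bits, aead) for the bulk-cipher part of a suite name."""
    m = _AES_RE.match(cipher)
    if m:
        return int(m.group("bits")), m.group("mode") in ("GCM", "CCM")
    if cipher == "CHACHA20_POLY1305":
        return 256, True
    raise ValueError(f"unsupported bulk cipher: {cipher}")


def classify(name: str) -> SuiteInfo:
    """Parse one IANA suite name into a SuiteInfo; raises ValueError if unknown."""
    m = _SUITE_RE.match(name)
    if not m:
        raise ValueError(f"unrecognised suite name: {name}")
    kex = m.group("kex")
    auth = m.group("auth") or kex  # TLS_RSA_WITH_...: RSA does key transport and auth
    key_bits, aead = _bulk_cipher(m.group("cipher"))
    return SuiteInfo(
        name=name, kex=kex, auth=auth,
        forward_secrecy=kex in ("ECDHE", "DHE"),
        ec_kex=kex.startswith("EC"),
        aead=aead, key_bits=key_bits, grover_bits=key_bits // 2,
    )


def recommended(names, min_grover_bits: int = 128) -> List[str]:
    """Suites meeting the bug's wish list: forward secrecy without EC, an AEAD
    bulk cipher, and at least min_grover_bits of Grover-adjusted strength."""
    out = []
    for n in names:
        s = classify(n)
        if (s.forward_secrecy and not s.ec_kex and s.aead
                and s.grover_bits >= min_grover_bits):
            out.append(n)
    return out


if __name__ == "__main__":
    for n in SAMPLE_SUITES:
        s = classify(n)
        print(f"{n:48} kex={s.kex:5} pfs={s.forward_secrecy!s:5} "
              f"ec={s.ec_kex!s:5} aead={s.aead!s:5} "
              f"key_bits={s.key_bits} grover_bits={s.grover_bits}")
    print("matches the request:", recommended(SAMPLE_SUITES))
```

Run the file directly to see the table; in the constructed list only TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 satisfies all three conditions, while the DHE CBC suite fails on AEAD and on the 64-bit Grover-adjusted strength of AES-128.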
Comment 1•8 years ago
Quantum computers can also break RSA and FFDH in polynomial time. They do not help much even if they are a bit less weak than EC. Please do not file a duplicate bug intentionally.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE