Bug#654764: Mitigate B.E.A.S.T attack

To: Mathieu Parent <math.parent@gmail.com>, 654764@bugs.debian.org
Subject: Bug#654764: Mitigate B.E.A.S.T attack
From: Stefan Fritsch <sf@sfritsch.de>
Date: Fri, 6 Jan 2012 10:01:46 +0100
Message-id: <[🔎] 201201061001.46467.sf@sfritsch.de>
Reply-to: Stefan Fritsch <sf@sfritsch.de>, 654764@bugs.debian.org
In-reply-to: <[🔎] CAFX5sbzP39539OX_dx1Oc__bSL3O5S7sNup5kAJ9L03Ms6Pk5w@mail.gmail.com>
References: <[🔎] CAFX5sbzP39539OX_dx1Oc__bSL3O5S7sNup5kAJ9L03Ms6Pk5w@mail.gmail.com>

On Thursday 05 January 2012, Mathieu Parent wrote:
> The BEAST vulnerability [1] "can be prevented by removing all CBC
> ciphers from your list of allowed ciphers—leaving only the RC4
> cipher".

I don't think we want to do that. The normal RC4 algorithms (i.e. not 
ECDHE-*-RC4*) don't provide perfect forward secrecy. So you would 
improve the security in one regard (mitigate BEAST vulnerability even 
if the client does not implement a work-around) but worsen it in 
another regard.

AFAIK, NSS, which is used by Chrome and Firefox, has had a BEAST 
workaround for some time now. So, the suggested change would worsen 
the security for a significant part of the user base.

Reply to:

Follow-Ups:
- Bug#654764: Mitigate B.E.A.S.T attack
  - From: Mathieu Parent <math.parent@gmail.com>

References:
- Bug#654764: Mitigate B.E.A.S.T attack
  - From: Mathieu Parent <math.parent@gmail.com>

Prev by Date: Re: Advice on packaging a PHP application (ITP for Shaarli)
Next by Date: Bug#654764: Mitigate B.E.A.S.T attack
Previous by thread: Bug#654764: Mitigate B.E.A.S.T attack
Next by thread: Bug#654764: Mitigate B.E.A.S.T attack
Index(es):
- Date
- Thread