aeris22’s avataraeris22’s Twitter Archive—№ 48,938

    1. …in reply to @CryptoPartyRNS
      @CryptoPartyRNS 1- 3DES is removed from everywhere. No more available on OpenSSL, Firefox, Chrome…
      Permalink On twitter.com Twitter logo aeris22’s avatar ❤️ 1 Favorite Mood -1 🙁
  1. …in reply to @aeris22
    @CryptoPartyRNS 2- Support is very decent for AES. Everything decent support AES, even very very old user-agent.
    On twitter.com Twitter logo aeris22’s avatar Mood +4 🙂
    1. …in reply to @aeris22
      @CryptoPartyRNS 3- Having 3DES enabled puts visitors at risk for a downgrade cipher encryption if supporting 3DES too.
      Permalink On twitter.com Twitter logo aeris22’s avatar ❤️ 1 Favorite Mood -1 🙁
      1. …in reply to @aeris22
        @CryptoPartyRNS Even if AES is prefered, at the time client supports 3DES, you can downgrade to 3DES, and so use sweet32 to powned it.
        Permalink On twitter.com Twitter logo aeris22’s avatar Mood +2 🙂
        1. …in reply to @aeris22
          @CryptoPartyRNS And the last 4- If you support 3DES, it means your OpenSSL is outdated. Last secured version remove 3DES from everywhere.
          Permalink On twitter.com Twitter logo aeris22’s avatar ♻️ 1 Retweets Mood +4 🙂
          1. …in reply to @aeris22
            @CryptoPartyRNS No more available on HIGH cipher suite on 1.0.2, and totally not available at all on 1.1.0. openssl.org/blog/blog/2016/08/24/sweet32/
            Permalink On twitter.com Twitter logo aeris22’s avatar Mood -1 🙁
            1. …in reply to @aeris22
              @CryptoPartyRNS As say on sweet32, 3DES is as equal as RC4 from now. Just bunch of plain text. Throw it away.
              Permalink On twitter.com Twitter logo aeris22’s avatar Mood 0