Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1056610 - 3DES based ciphers are preferred before AES-128 based ciphers [rhel-7]
Summary: 3DES based ciphers are preferred before AES-128 based ciphers [rhel-7]
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: openssl
Version: 7.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Tomas Mraz
QA Contact: Hubert Kario
Depends On:
TreeView+ depends on / blocked
Reported: 2014-01-22 14:56 UTC by Hubert Kario
Modified: 2014-09-02 09:47 UTC (History)
1 user (show)

Fixed In Version: openssl-1.0.1e-31.el7
Doc Type: Bug Fix
Doc Text:
Cipher suites based on the Triple DES (3DES) algorithm had their bit strengths erroneously set to 168 bits when running under the SSL or TLS protocols. As a consequence, they were incorrectly sorted before cipher suites based on the AES-128 algorithm. This update sets the bit strength of 3DES-based cipher suites to 128 bits, and they will now be sorted after AES-128-based cipher suites as expected.
Clone Of: 1056608
Last Closed: 2014-06-13 10:09:33 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description Hubert Kario 2014-01-22 14:56:41 UTC
Description of problem:
When openssl based server or client is negotiating used cipher suite, it will use 3DES cipher before AES-128 cipher. According to Section 5.6.1 (page 63) in part 1, revision 3 of NIST SP  800-57, and also Table 2 on page 64, the 3DES cipher that uses 3 distinct keys (3TDEA) should be assigned 112 bit security margin, it is therefore less secure than the 128bit AES.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. openssl ciphers -v 
2. observe 3DES ciphers before AES-128 ciphers

Actual results:
all 3DES ciphers are listed before all AES-128 ciphers

Expected results:
3DES ciphers listed after AES-128 ciphers, either directly below AES128-SHA or directly below CAMELLIA128-SHA in current cipher order.

Additional info:

Comment 9 Ludek Smid 2014-06-13 10:09:33 UTC
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.