[Swan-dev] Fwd: [Cryptography] on brute forcing 3DES to attack SIMs

Paul Wouters paul at nohats.ca
Fri Jan 2 17:08:36 EET 2015


On Fri, 2 Jan 2015, Paul Wouters wrote:

> I understand it's not broken yet. But 3DES was basically replaced by
> AES_CBC which was replaced by AES_GCM. I'm not saying to remove support,
> but I think for IKEv2 (not IKEv1) we should really consider removing
> 3des, md5 and sha1 from the default proposal set, and add aes_gcm and
> sha2_256/sha2_512.

Oh, and probably change DH group 2,5,14 to something newer like at the
very least drop DH2 (modp1024) but probably add group 18 (8192 modp)
and group 24 (2048-bit MODP Group with 256-bit Prime Order Subgroup).

Paul
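As an added illustration (not part of this thread and not Libreswan code), the following audits a proposal line for the algorithms the message proposes dropping from IKEv2 defaults and rewrites it without them. It assumes the Libreswan-style `ike=enc-integ;dhgroup,...` syntax; the exact spellings of the algorithm tokens are an assumption, and the sample line is constructed.

```python
# Components the message proposes removing from the IKEv2 default set,
# mapped to the replacement it suggests.
WEAK = {
    "3des": "encryption: 3DES; prefer aes_gcm",
    "md5": "integrity/PRF: MD5; prefer sha2_256 or sha2_512",
    "sha1": "integrity/PRF: SHA-1; prefer sha2_256 or sha2_512",
    "modp1024": "DH group 2 (1024-bit MODP); prefer a larger group such as modp8192 or dh24",
    "dh2": "DH group 2 (1024-bit MODP); prefer a larger group such as modp8192 or dh24",
}


def parse_proposals(line):
    """Split 'ike=enc-integ;dh,enc-integ;dh' into a list of dicts.

    The key/value shape follows Libreswan's ike= lines (assumed syntax);
    a proposal may omit the integrity algorithm or the DH group.
    """
    _key, _sep, value = line.strip().partition("=")
    proposals = []
    for raw in value.split(","):
        algs, _sep, dh = raw.strip().partition(";")
        parts = algs.split("-")
        proposals.append({
            "enc": parts[0].lower(),
            "integ": parts[1].lower() if len(parts) > 1 else None,
            "dh": dh.lower() or None,
        })
    return proposals


def audit_proposals(line):
    """Return (proposal_index, role, token, advice) for every weak component."""
    findings = []
    for idx, prop in enumerate(parse_proposals(line)):
        for role in ("enc", "integ", "dh"):
            token = prop[role]
            if token in WEAK:
                findings.append((idx, role, token, WEAK[token]))
    return findings


def strip_weak(line):
    """Rewrite the line keeping only proposals with no weak component."""
    key, _sep, value = line.strip().partition("=")
    kept = [raw.strip() for raw in value.split(",")
            if not any(tok in WEAK for tok in parse_proposals(f"x={raw}")[0].values())]
    return f"{key}={','.join(kept)}"


# Constructed sample: a legacy default set next to a modern proposal.
SAMPLE = "ike=3des-md5;modp1024,aes256-sha1;modp2048,aes_gcm256-sha2_512;modp8192"

if __name__ == "__main__":
    for finding in audit_proposals(SAMPLE):
        print(finding)
    print(strip_weak(SAMPLE))
```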

