ssleuth icon indicating copy to clipboard operation
ssleuth copied to clipboard

Published 20 hours ago verified publisher icon sibiantony

ECDHE - ephemeral is missing in long description

Open rugk opened this issue 9 years ago • 4 comments

ecdhe

As you can see it uses ECDHE for the key exchange. In the long part you describe it as "Elliptic curve Diffie–Hellman". However ECDHE is actually the ephemeral version of it. It's very important to distinguish them as they are both (ECDH and ECDHE) possible and only the ephemeral version provides Forward Secrecy.

Sources:

  • http://openssl.6102.n7.nabble.com/ECDH-vs-ECDHE-td19768.html
  • https://en.wikipedia.org/wiki/Elliptic_curve_Diffie%E2%80%93Hellman
  • https://security.stackexchange.com/questions/50878/ecdsa-vs-ecdh-vs-ed25519-vs-curve25519
  • https://security.stackexchange.com/questions/33233/ecdh-and-forward-secrecy

rugk avatar Nov 08 '15 20:11 rugk

Not just in ECDHE, in DHE to. And yes I failed something with the Link to the pull request ;)

Der-Orden avatar Nov 08 '15 22:11 Der-Orden

Just copy & paste the URL. Fixed by https://github.com/sibiantony/ssleuth/pull/47

rugk avatar Nov 09 '15 20:11 rugk

Indeed, it is the ephemeral keys that guarantee the PFS score. It was simply not displayed for many reasons. Firefox stopped supporting all "ecdh" and "dh" key exchange some time ago. So if the key exchange is Diffie-Hellmann it is based on ephemeral keys. If you look at the list of supported ciphersuites it's only dhe, ecdhe or rsa for key exchange.

Adding text 'ephemeral' makes the key exchange line lengthy without word wrapping around panel width - but that's not much of an argument, and I would as well prefer to show as much detail as possible.

That said, If you've a better place where to display 'ephemeral' (after Perfect Forward Secrecy etc), do share it. Or else, I'll just merge the above PR, which is the easiest way to go.

sibiantony avatar Nov 09 '15 21:11 sibiantony

Firefox stopped supporting all "ecdh" and "dh" key exchange some time ago. [...] If you look at the list of supported ciphersuites it's only dhe, ecdhe or rsa for key exchange.

You're right. Interesting...

but that's not much of an argument, and I would as well prefer to show as much detail as possible.

Yes especially as it could confuse/mislead users if they search for it and find different results than they expected.

That said, If you've a better place where to display 'ephemeral' (after Perfect Forward Secrecy etc), do share it.

No, not really. Maybe a way with tooltips or so (which would have to be applied for everything there, so a major UI redesign would be needed), but practically: No.

rugk avatar Nov 09 '15 23:11 rugk