margin.
@item SECURE128 @tab
-Means all "secure" ciphersuites of security level 128-bit
-or more.
+Means all "secure" ciphersuites that offer a
+security level 128-bit or more and a message authenticity
+security level of 80 bits or more.
@item SECURE192 @tab
-Means all "secure" ciphersuites of security level 192-bit
-or more.
+Means all "secure" ciphersuites that offer a
+security level 192-bit or more and a message authenticity
+security level of 128 bits or more.
@item SECURE256 @tab
Currently alias for SECURE192.
In key exchange algorithms when in NORMAL or SECURE levels the
perfect forward secrecy algorithms take precedence of the other
protocols. In all cases all the supported key exchange algorithms
- are enabled (except for the RSA-EXPORT which is only enabled in
-EXPORT level).
+are enabled@footnote{Except for the RSA-EXPORT which is only enabled in
+EXPORT level.}.
+
+Note that the SECURE levels distinguish between overall security level and
+message authenticity security level. That is because the message
+authenticity security level requires the adversary to break
+the algorithms at real-time during the protocol run, whilst
+the overall security level refers to off-line adversaries
+(e.g. adversaries breaking the ciphertext years after it was captured).
+
The NONE keyword, if used, must followed by the algorithms to be enabled,
and is used to provide the exact list of requested algorithms@footnote{To avoid collisions in order to specify a compression algorithm in
this string you have to prefix it with "COMP-", protocol versions
GNUTLS_CIPHER_AES_128_CBC,
GNUTLS_CIPHER_CAMELLIA_128_CBC,
GNUTLS_CIPHER_AES_128_GCM,
- GNUTLS_CIPHER_3DES_CBC,
+ GNUTLS_CIPHER_AES_256_CBC,
+ GNUTLS_CIPHER_CAMELLIA_256_CBC,
+ GNUTLS_CIPHER_AES_256_GCM,
0
};
};
static const int mac_priority_secure128[] = {
+ GNUTLS_MAC_SHA1,
GNUTLS_MAC_SHA256,
GNUTLS_MAC_SHA384,
GNUTLS_MAC_AEAD,