Bernhard.Linz/openvpn-install
1
0
Fork 0
mirror of https://github.com/angristan/openvpn-install.git synced 2024-09-27 22:51:36 +02:00
Code Issues Projects Releases Wiki Activity

AES-256 is not necessarily the most secure cipher

Browse Source 
Indeed, it it most vulnerable to Timing Attacks : https://en.wikipedia.org/wiki/Length_extension_attack

Also, AES 128 is secure enough for every one, so it's still the recommended cipher.
This commit is contained in:
Angristan 2016-12-04 17:21:41 +01:00 committed by GitHub
parent 56477bba34
commit 7a5bb93cbe
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
openvpn-install.sh
View File

@ -221,9 +221,9 @@ else
echo "and are still viable to date, unlike some default OpenVPN options" echo "and are still viable to date, unlike some default OpenVPN options"
echo '' echo ''
echo "Choose which cipher you want to use for the data channel:" echo "Choose which cipher you want to use for the data channel:"
echo " 1) AES-128-CBC (fastest, recommended)" echo " 1) AES-128-CBC (fastest and sufficiently secure for everyone, recommended)"
echo " 2) AES-192-CBC" echo " 2) AES-192-CBC"
echo " 3) AES-256-CBC (most secure)" echo " 3) AES-256-CBC"
echo "Alternatives to AES, use them only if you know what you're doing." echo "Alternatives to AES, use them only if you know what you're doing."
echo "They are relatively slower but as secure as AES." echo "They are relatively slower but as secure as AES."
echo " 4) CAMELLIA-128-CBC" echo " 4) CAMELLIA-128-CBC"