Revision as of 05:46, 13 July 2023 edit 2603:6081:8401:110:9e4e:36ff:fe8f:1f20 (talk) →Weak ← Previous edit		Revision as of 23:38, 13 July 2023 edit undo Dimawik (talk \| contribs) Extended confirmed users 2,450 edits →Weak: sources needed Next edit →
Line 67: ===Weak=== {{sources\|section}} Examples that are not considered cryptographically strong include: * The [[Data Encryption Standard\|DES]], whose 56-bit keys allow attacks via exhaustive search. Line 79 ⟶ 80: * Most rotary ciphers, such as the [[Enigma machine]]. * Some flawed RSA implementations{{which\|date=January 2022}} exist, leading to weak, biased keys and other vulnerabilities ("[[Bleichenbacher’s attack\|Bleichenbacher Oracle]]", "ROBOT" attack). * RSA keys weaker than 2048 bits.{{cite}} * DH keys weaker than 2048 bits.{{cite}} * ECDHE keys weaker than 192 bits; also, not all known older named curves still in use for this are vetted "safe".{{cite}} * DHE/EDHE is guessable/weak when using/re-using known default prime values on the server * The [[Cipher block chaining\|CBC]] block cipher mode of operation is considered weak for TLS (the CCM/GCM modes are now recommended).{{cite}} * Some older implementations of [[Wi-Fi Protected Access]].{{cite}} ==Notes==

Strong cryptography: Difference between revisions