Peregrine

While we’re on the subject of browser safety, please, everyone follow this advice: turn off SSL v2 support in every web browser you use. The default configurations of almost all web browsers still leave SSL2 support on for backwards compatibility. There is no such thing as a legitimate encrypted website that uses SSL2, which is completely insecure. Since there is a small flaw in SSL3 that can let an attacker trick any program using SSL3 into “falling back” to SSL2, if you don’t take my advice, you could be using SSL2 and not even know it.

I also disable all SSL3/TLS encryption suites that provide less than 128 bits of key and all 3DES (a.k.a. triple-DES, DES EDE mode or TDES) sets. This is not just because 3DES is insecure, but also because 3DES is so slow. It consumes significantly more processing time and doesn’t really provide much better security than standard CBC mode DES. It’s just not worth the overhead. In addition, there are several vulnerabilities in both 3-key & 2-key 3DES that significantly reduce the complexity to brute-force them. 3DES is not considered a safe protocol.

In their paper titled, “Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES“, John Kelsey, Bruce Schneier and David Wagner describe one weakness found in 3-key 3DES that isn’t present in 2-key 3DES (among other interesting things).

From what I’ve read in the past about browser 3DES support, although nearly all browsers say they use 168 bit 3DES keys (3-key 3DES), many actually use(d) 2-key 3DES (112 bit). I’m not sure how true or false this is in modern browsers, I’ll have to do further research to find out.