[Ach] [cryptography] Diffie-Hellman Params Best Practice on Web Server?

Pepi Zawodsky pepi.zawodsky at maclemon.at
Wed Dec 11 16:48:52 CET 2013


Food for thought…
When everybody uses the same DH parameters it becomes worthwhile to brute force them, since if you manage to crack them, you get a lot of traffic you can access. More diversity makes that a broader target with less benefit to invest money/cycles/efforts into.

That of course is not really cryptographically sound reasoning.
Best regards
Pepi

On 11.12.2013, at 02:28, Aaron Zauner <azet at azet.org> wrote:
> reason to generate your own DH params
