[Ach] DH theory section
Aaron Zauner
azet at azet.org
Wed Dec 25 18:32:06 CET 2013
Hi,
It states here that
“””
Where configurable, we recommend using the Diffie Hellman groups defined for IKE, specifically groups 14-18 (2048–8192 bit MODP, [KK03]) and 19-21 (256–521 bit elliptic curve DH, [FS10]). These groups have been checked by many eyes and can be assumed to be secure.
“””
Well. That is simply not true for the EC groups. See discussion on ECC.
Also: I’m not sure that we should provide DH parameters ourselves, since
1) we need to maintain those
2) we are not a proper authority to do so (at least in my opionion)
3) they have to be perfect
I recommend to just write a paragraph on how to generate them and what’s important for that security-wise. Or just get rid of the statement.
Aaron
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131225/f8427d11/attachment.sig>
More information about the Ach
mailing list