[Ach] DH theory section

L. Aaron Kaplan kaplan at cert.at
Wed Dec 25 18:59:46 CET 2013

On Dec 25, 2013, at 6:32 PM, Aaron Zauner <azet at azet.org> wrote:

> Hi,
> It states here that
> “””
> Where configurable, we recommend using the Diffie Hellman groups defined for IKE, specifically groups 14-18 (2048–8192 bit MODP, [KK03]) and 19-21 (256–521 bit elliptic curve DH, [FS10]). These groups have been checked by many eyes and can be assumed to be secure.
> “””
> Well. That is simply not true for the EC groups. See discussion on ECC.
> Also: I’m not sure that we should provide DH parameters ourselves, since
> 	1) we need to maintain those
ACK, can'd to

> 	2) we are not a proper authority to do so (at least in my opionion)
> 	3) they have to be perfect
> I recommend to just write a paragraph on how to generate them and what’s important for that security-wise. Or just get rid of the statement.

I'd simply get rid of that statement and reference an authoritative paper on it.

My 2 cents,

> Aaron
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach

// L. Aaron Kaplan <kaplan at cert.at> - T: +43 1 5056416 78
// CERT Austria - http://www.cert.at/
// Eine Initiative der nic.at GmbH - http://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131225/a95a5f8d/attachment.sig>

More information about the Ach mailing list