[Ach] DH theory section
L. Aaron Kaplan
kaplan at cert.at
Wed Dec 25 18:59:46 CET 2013
On Dec 25, 2013, at 6:32 PM, Aaron Zauner <azet at azet.org> wrote:
> Hi,
>
> It states here that
> “””
> Where configurable, we recommend using the Diffie Hellman groups defined for IKE, specifically groups 14-18 (2048–8192 bit MODP, [KK03]) and 19-21 (256–521 bit elliptic curve DH, [FS10]). These groups have been checked by many eyes and can be assumed to be secure.
> “””
> Well. That is simply not true for the EC groups. See discussion on ECC.
>
> Also: I’m not sure that we should provide DH parameters ourselves, since
> 1) we need to maintain those
ACK, can't do
> 2) we are not a proper authority to do so (at least in my opinion)
ACK
> 3) they have to be perfect
>
ACK
> I recommend to just write a paragraph on how to generate them and what’s important for that security-wise. Or just get rid of the statement.
>
I'd simply get rid of that statement and reference an authoritative paper on it.
My 2 cents,
a.
>
> Aaron
---
// L. Aaron Kaplan <kaplan at cert.at> - T: +43 1 5056416 78
// CERT Austria - http://www.cert.at/
// An initiative of nic.at GmbH - http://www.nic.at/
// Company register number 172568b, Regional Court Salzburg