[Ach] DH theory section
christian mock
cm at coretec.at
Wed Dec 25 19:03:41 CET 2013
On Wed, Dec 25, 2013 at 06:32:06PM +0100, Aaron Zauner wrote:

> Well. That is simply not true for the EC groups. See discussion on ECC.

I'm OK with removing them.

> Also: I’m not sure that we should provide DH parameters ourselves, since
> 1) we need to maintain those
> 2) we are not a proper authority to do so (at least in my opinion)
> 3) they have to be perfect

Nope. See the DH discussion which resulted in "use the IPSEC groups";
so I whipped up those scripts to generate them from
the numbers in the RFCs (actually, only the MODP ones), see
tools/dhparams.

1) there is not much to maintain, unless a new RFC comes out with
additional groups
2) True, but there's no other source for those as PEM files that I
could find, so in the spirit of directly usable stuff I decided to
generate the PEM files (cf tools/dhparams) to be put on the web site.
3) They have to be as perfect as other stuff we recommend -- what if
someone finds a flaw in AES or RSA?

> I recommend to just write a paragraph on how to generate them and what’s important for that security-wise. Or just get rid of the statement.

Again, see the discussion on the list, generating them oneself seems
more risky than using those "peer reviewed" parameters.
cm.
--
Christian Mock Wiedner Hauptstr. 15
Senior Security Engineer 1040 Wien
CoreTEC IT Security Solutions GmbH +43-1-5037273
FN 214709 z
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
CoreTEC: Web Application Audit - So that this sort of thing doesn't happen!
http://heise.de/-1260559
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
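An added illustration of what "generate them from the numbers in the RFCs" amounts to in practice. This is example code written for this archive page, not the list's tools/dhparams scripts and not code by either poster. It assumes the 2048-bit MODP prime transcribed below from RFC 3526 group 14 with generator 2 (verify it against the RFC before use), the PKCS#3 DHParameter structure SEQUENCE { prime INTEGER, base INTEGER } that OpenSSL reads from a "DH PARAMETERS" PEM block, and hypothetical function names of its own. Before emitting the PEM it checks that the transcribed number really is a 2048-bit safe prime, which is the check a maintainer wants when copying a peer-reviewed group by hand: a single mistyped hex digit would silently produce a non-prime modulus.

```python
"""
Build an OpenSSL-style "DH PARAMETERS" PEM block from a published MODP group.

Example code for this page, not the list's tools/dhparams. The prime is
transcribed from RFC 3526 group 14 (2048-bit MODP, generator 2); the
sanity checks below catch a transcription error before a PEM is written.
"""
import base64
import random

# RFC 3526, section 3: 2048-bit MODP group, generator g = 2 (transcribed; verify).
RFC3526_GROUP14_P_HEX = """
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
"""
GENERATOR = 2


def parse_modp_prime(hex_text: str) -> int:
    """Turn the whitespace-separated hex words of an RFC listing into an int."""
    return int("".join(hex_text.split()), 16)


def is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin with a fixed-seed RNG so the check is reproducible."""
    if n < 2:
        return False
    for s in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % s == 0:
            return n == s
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    rng = random.Random(0xC0FFEE)
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def is_safe_prime(p: int) -> bool:
    """A safe prime p = 2q + 1 with q prime: the only small subgroup is {1, p-1}."""
    return is_probable_prime(p) and is_probable_prime((p - 1) // 2)


def _der_length(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der_integer(value: int) -> bytes:
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:
        body = b"\x00" + body  # leading zero keeps the INTEGER positive
    return b"\x02" + _der_length(len(body)) + body


def dh_parameters_der(p: int, g: int) -> bytes:
    """PKCS#3 DHParameter ::= SEQUENCE { prime INTEGER, base INTEGER }."""
    content = _der_integer(p) + _der_integer(g)
    return b"\x30" + _der_length(len(content)) + content


def dh_parameters_pem(p: int, g: int) -> str:
    """Base64-wrap the DER at 64 columns inside the DH PARAMETERS armour."""
    b64 = base64.b64encode(dh_parameters_der(p, g)).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN DH PARAMETERS-----\n" + "\n".join(lines) + "\n-----END DH PARAMETERS-----\n"


def parse_dh_parameters_der(der: bytes) -> tuple:
    """Minimal decoder for the structure above, used to confirm the round trip."""
    def read_tlv(buf, pos):
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:
            nbytes = length & 0x7F
            length = int.from_bytes(buf[pos:pos + nbytes], "big")
            pos += nbytes
        return tag, buf[pos:pos + length], pos + length
    tag, seq, _ = read_tlv(der, 0)
    assert tag == 0x30, "expected SEQUENCE"
    tag_p, p_bytes, pos = read_tlv(seq, 0)
    tag_g, g_bytes, _ = read_tlv(seq, pos)
    assert tag_p == 0x02 and tag_g == 0x02, "expected two INTEGERs"
    return int.from_bytes(p_bytes, "big"), int.from_bytes(g_bytes, "big")


def build_group14_pem() -> str:
    """Refuse to emit a PEM unless the transcribed modulus is a 2048-bit safe prime."""
    p = parse_modp_prime(RFC3526_GROUP14_P_HEX)
    if p.bit_length() != 2048 or not is_safe_prime(p):
        raise ValueError("transcribed prime failed sanity checks; re-check against RFC 3526")
    return dh_parameters_pem(p, GENERATOR)


if __name__ == "__main__":
    print(build_group14_pem(), end="")
```

Redirect the output to a file and it can be handed to `openssl dhparam -in <file> -text -noout` to confirm that OpenSSL parses the same prime and generator; the safe-prime check is what makes copying the group by hand no riskier than trusting the RFC itself.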