[Ach] Project Status

Jan Hill jan at jan-hill.com
Sun Jan 25 13:04:02 CET 2015

Next try to help to solve a TODO in the dokument ;-)


-------- Weitergeleitete Nachricht --------
Betreff: 	AppliedCryptoHardening: Java 7 DH-parameterlength
Datum: 	Fri, 03 Jan 2014 22:05:34 +0100
Von: 	Jan Hill <jan at jan-hill.com>
An: 	ach at lists.cert.at


first of all thank you for:
"AppliedCryptoHardening" :-)

In the paper I found this (page 52):

"We could not verify yet if installing JCE also fixes the Java7
DH-parameterlength limitation(1024bit). TODO:do that!"

In my opinion there is a limitation to 1024 also with the strong
encryption jars:


There ar some open issues in the tracker, but I can't send a link, looks
like the Bugtracker is down :(

In Java 8 is a bugfix up to 2048, I think this was included from b56 or
b58. I can't send a link, looks like the Bugtracker is down :(



Am 25.01.2015 um 00:18 schrieb Aaron Zauner:
> Hi,
> I've merged a couple of long-open now reviewed (thx to kronos, sebix)
> PRs from GitHub to our upstream repo:
> https://git.bettercrypto.org/ach-master.git/log/HEAD
> On GitHub there're still a couple of PRs that need review (i.e. in
> addition to mine), if you have some spare time and would like to help
> out please do so over here:
> https://github.com/BetterCrypto/Applied-Crypto-Hardening/pulls
> For the time being I'm very busy with research and customers (need to
> pay my bills as well, right? :)). I'd really like to have more people
> actively working on this project again. One thing is pretty certain:
> with so many moving targets, this document will always be in DRAFT
> phase. But it urgently needs cleanup and review by all the people that
> promised to review about a year ago by now (I hope I still remember all
> of them). So,.. we need help. If you're already on this mailing list and
> have never thought about contributing - it's your time to shine!
> ..Or simply spread the word. I'm sure there are hackers around looking
> for another project to contribute to.
> Hope everybody is doing well,
> Aaron (azet)
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20150125/15e792f9/attachment.html>

More information about the Ach mailing list