Deutsch | English

[Ach] dhparam regeneration

A. Schulze sca at andreasschulze.de
Tue Nov 11 08:29:36 CET 2014


Hello,

most documentation on DH parameter mention only how to *generate* them  
using openssl.

I like to know if
- it make sense at all to renew these dh parameter file from time to time
- and if so, which time span is reasonable.

I also learned these days that using the same DH parameter file on  
multiple hosts is not advised, too.

Could someone with more crypto-experience tell something about that?

Maybe bettercrypto.org ( Topic 3.7 "A note on Diffie Hellman Key  
Exchanges", Page 67 )
could be more detailed.

Andreas





More information about the Ach mailing list
Kontakt
Email: reports@cert.at
Tel.: +43 1 5056416 78
mehr ...
Warnungen
mehr ...
Blog
mehr ...
Jahresbericht 2017
Ein Resumee zur digitalen Sicherheitslage in Österreich

(HTML, PDF).
Letzte Änderung: 2018/5/28 - 15:00:00
Haftungsausschluss / Datenschutzerklärung