[Cryptography] Fwd: freedom-to-tinker.com: How is NSA breaking so much crypto?
Dan McDonald
danmcd at kebe.com
Thu Oct 15 15:03:27 EDT 2015
On Thu, Oct 15, 2015 at 02:28:38PM -0400, Arnold Reinhold wrote:
>
> This article suggests that the widespread use of a common prime modulus in
> Diffie-Hellman may be the weakness NSA is exploiting to break much Internet
> traffic.

I also wonder how long it'll be until it works with 1536-bit moduli or
larger. Also, about 6 years ago, there was an RFC for DH groups with larger
generators. We got those, AND ECC, into Solaris/OpenSolaris well before
Oracle hit the fan. I suspect that also will help.

I'm SO glad we shipped S9 with 1536-bit DH, and got 2048, 4096, and ECC in
before the Lawnmower showed up (even if the illumos IKE is a
closed-binary...). Pity we missed updating certs to use hashes beyond
sha-1. OTOH, for self-signed it isn't as important, neither is it for
preshared.

Dan (dusting off his IPsec cap...)