Fwd: Tor security advisory: DH handshake flaw
Ben Laurie
ben at algroup.co.uk
Tue Aug 23 07:40:17 EDT 2005
Tero Kivinen wrote:
> Hal Finney writes:
>
>>Several programs to implement ECPP can be found from
>>http://primes.utm.edu/links/programs/seeking_large_primes/. I don't
>>know about source code however. It might be interesting to run these
>>over some of the Oakley primes and publish the certs - I vaguely recall
>>seeing something like that in an RFC.
>
>
> All the Oakley primes have been proven to be prime, and the
> certificates are available at the
> ftp://ftp.ssh.com/pub/ietf/ecpp-certificates/. Some of those number
> have both ECPP and Primo certificates and the bigger primes have only
> Primo certificates (primes bigger than 4096 bits).
>
> When I was writing RFC 3526, I first planned to add those primality
> proofs to the document, but as for example the proof of 8192 bit prime
> is around 1.3MB, it would have made that document quite boring...
>
> The draft of RFC 3526 used to have url reference to ftp.ssh.com, but
> that it was removed by the AD during the IESG evaluation as
> "references where are only URL's are problematic".
Hmmm ... better remove all references to RFCs, then! :-)
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list