[Cryptography] Interesting discussion over on oss-security re: primes

Dave Horsfall dave at horsfall.org
Mon Oct 19 17:54:49 EDT 2015


Normally a fairly boring list (talking about open systems software), this 
is an interesting thread.

Might be worth a look for the bods here.

-- 
Dave Horsfall DTM (VK2KFU)  "Those who don't understand security will suffer."

---------- Forwarded message ----------
Reply-To: oss-security at lists.openwall.com
Subject: Re: [oss-security] Prime example of a can of worms

> Should there be any middle-ground for how much use a specific value 
> gets? Part of the weakdh gift is the recognition that randomly generated 
> 1024 bit primes might be fine for one router or website to use but is 
> terrible when used by millions and might repay the cost to crack it.
> 
> Do we allow 1024-bit dhparams when they are randomly generated? Or do we 
> also want to move these to e.g. 2048 out of abundance of caution?

We don't just want 1024-bit primes; we want 1024-bit safe primes (p = 
2q+1, where both p and q are prime), because their structure makes it easy 
for both peers to avoid a small subgroup attack.

[...]
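
The safe-prime point in the reply above, as an added example that is not part of the original thread: with p = 2q+1 the only subgroup orders are 1, 2, q and 2q, so a range check on the peer's public value is enough to exclude the small subgroups. The toy moduli 23 and 31 and all function names are constructed for illustration; real parameters are 2048 bits or more.

```python
import random

def is_probable_prime(n, rounds=40):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False          # witness found: n is composite
    return True

def is_safe_prime(p):
    """True if p = 2q + 1 with both p and q prime."""
    return p % 2 == 1 and is_probable_prime(p) and is_probable_prime((p - 1) // 2)

def subgroup_order(y, p):
    """Order of y in Z_p^* for a safe prime p: one of 1, 2, q, 2q."""
    q = (p - 1) // 2
    for order in (1, 2, q, 2 * q):
        if pow(y, order, p) == 1:
            return order
    raise ValueError("y is not a unit modulo p")

def peer_value_ok(y, p):
    """Range check that suffices when p is a safe prime: rejects 0, 1 and
    p-1, the only values outside the group or of order 1 or 2."""
    return 2 <= y <= p - 2

def peer_value_ok_generic(y, p, q):
    """Check needed when p is NOT a safe prime and the group in use has prime
    order q: a full modular exponentiation per received value."""
    return 2 <= y <= p - 2 and pow(y, q, p) == 1

SAFE_P = 23       # constructed toy safe prime: 23 = 2*11 + 1
UNSAFE_P = 31     # constructed toy non-safe prime: 31 - 1 = 2*3*5
```

Modulo 31 the value 5 passes the range check yet has order 3, which is the small-subgroup case the cheap check cannot catch when the prime is not safe.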


