[Cryptography] DH non-prime kills "socat" command security

Ron Garret ron at flownet.com
Fri Feb 5 12:03:07 EST 2016


On Feb 4, 2016, at 6:30 PM, Henry Baker <hbaker1 at pipeline.com> wrote:

> There is an outstanding problem: if we all use the same primes, large nation-states can build log (rainbow-like) tables for these primes; if we use different primes, we then have to prove to our correspondent that the "prime" we propose is really prime.  Generating such primes and generating such easily-checkable proofs appears to take too much time for normal HTTPS ecommerce.

I have long considered this one of the strongest arguments for switching to ECC, and curve25519 in particular because you don’t even need to validate the curve point.

rg


