[Cryptography] How often should the DH group be changed?
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Mar 11 02:26:46 EDT 2025
Pierre Abbat <phma at bezitopo.org> writes:
>Let's say that there's a group of computers that maintain network connections
>to each other, and they send information to each other encrypted with a
>symmetric cipher whose key is agreed to with the Diffie-Hellman key exchange.
>Every n days they pick a new group at random. How often should they change the
>group for various sizes of the Diffie-Hellman group? I'd like to know both for
>the multiplicative part of a prime field and for an elliptic curve.

What's your threat model? Without that, the answer is "anything from never to
every time there's a new connection".

Also, in terms of security things to worry about, this is about No. 4,773 on
the list.

Peter.