oss-sec mailing list archives
Re: Prime example of a can of worms
From: Seth Arnold <seth.arnold () canonical com>
Date: Mon, 19 Oct 2015 12:34:11 -0700
On Mon, Oct 19, 2015 at 12:24:40AM -0400, Alex Gaynor wrote:
> I think we can have a far simpler rule: use of DH at <= 1024 bits gets a CVE, the same way 512-bit RSA, or DES would.
Should there be any middle ground for how much use a specific value gets? Part of the weakdh gift is the recognition that randomly generated 1024-bit primes might be fine for one router or website to use but are terrible when used by millions and might repay the cost to crack them. Do we allow 1024-bit dhparams when they are randomly generated? Or do we also want to move these to e.g. 2048 out of an abundance of caution?

(I don't share Kurt's pessimism on generating DH primes, though that does come with the caveat that they should only be generated on systems that have been running long enough to collect enough entropy for random number generation to work well.)

Thanks
Attachment:
signature.asc
Description: Digital signature
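The distinction Seth draws above (a 1024-bit prime shared by millions of hosts versus one generated locally) is something you can check mechanically against a dhparams file. The following is an added example written for this archive page, not code from Seth's mail or from any project in the thread. It parses a PEM "DH PARAMETERS" blob (the two-INTEGER DER SEQUENCE that openssl dhparam emits), reports the prime's bit length, flags the prime if it is the widely shared RFC 2409 1024-bit MODP group 2 (the published constant is embedded), and confirms the prime is a safe prime with a Miller-Rabin test. The minimum size of 2048 bits and the list of "shared" primes are assumptions for the example; a real deployment would add the other published groups and any vendor-default primes it cares about.

```python
import base64
import random

# RFC 2409 "Second Oakley Group": the 1024-bit MODP prime (generator 2) that
# weakdh found shared by a large fraction of the Internet. Published value.
RFC2409_GROUP2_P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)

# Assumed table for this example; extend with RFC 3526 groups, vendor defaults, etc.
KNOWN_SHARED_PRIMES = {RFC2409_GROUP2_P: "RFC 2409 1024-bit MODP group 2"}


def _der_len(n):
    """DER length encoding: short form below 0x80, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b


def _der_int(n):
    """DER INTEGER; a leading 0x00 keeps a high-bit value positive."""
    b = n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")
    if b[0] & 0x80:
        b = b"\x00" + b
    return b"\x02" + _der_len(len(b)) + b


def encode_dhparams_pem(p, g):
    """Build a PEM 'DH PARAMETERS' blob: SEQUENCE { prime INTEGER, generator INTEGER }."""
    body = _der_int(p) + _der_int(g)
    der = b"\x30" + _der_len(len(body)) + body
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN DH PARAMETERS-----\n" + "\n".join(lines) + "\n-----END DH PARAMETERS-----\n"


def _der_read(buf, pos):
    """Read one TLV at pos; return (tag, contents, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        nbytes = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + nbytes], "big"), pos + nbytes
    return tag, buf[pos:pos + length], pos + length


def decode_dhparams_pem(pem):
    """Parse a PEM 'DH PARAMETERS' blob into (p, g)."""
    b64 = "".join(l.strip() for l in pem.splitlines() if l and not l.startswith("-----"))
    der = base64.b64decode(b64)
    tag, body, _ = _der_read(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag_p, p_bytes, pos = _der_read(body, 0)
    tag_g, g_bytes, _ = _der_read(body, pos)
    if tag_p != 0x02 or tag_g != 0x02:
        raise ValueError("expected two INTEGERs")
    return int.from_bytes(p_bytes, "big"), int.from_bytes(g_bytes, "big")


def is_probable_prime(n, rounds=12):
    """Miller-Rabin with trial division first; fixed seed keeps results reproducible."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    rng = random.Random(0x5AFE)
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def assess_dhparams(pem, min_bits=2048):
    """Report size, shared-group membership and safe-prime status; list the problems found."""
    p, g = decode_dhparams_pem(pem)
    bits = p.bit_length()
    shared = KNOWN_SHARED_PRIMES.get(p)
    safe = is_probable_prime(p) and is_probable_prime((p - 1) // 2)
    problems = []
    if bits < min_bits:
        problems.append("prime is %d bits (< %d)" % (bits, min_bits))
    if shared:
        problems.append("prime is the widely shared %s" % shared)
    if not safe:
        problems.append("prime is not a safe prime")
    return {"bits": bits, "generator": g, "shared_group": shared,
            "safe_prime": safe, "problems": problems}


if __name__ == "__main__":
    # Constructed input: the RFC 2409 group re-encoded as PEM, as a server might ship it.
    for line in assess_dhparams(encode_dhparams_pem(RFC2409_GROUP2_P, 2))["problems"]:
        print("WARNING:", line)
```

Point the same function at the output of `openssl dhparam -out dh.pem 2048` and the bit-length and shared-prime warnings both go away; the safe-prime check is what tells you a freshly generated prime is at least structurally sound, though it says nothing about the entropy of the machine that produced it.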
Current thread:
- Prime example of a can of worms Kurt Seifried (Oct 18)
- Re: Prime example of a can of worms Alex Gaynor (Oct 18)
- Re: Prime example of a can of worms Matt U (Oct 18)
- Re: Prime example of a can of worms Seth Arnold (Oct 19)
- Re: Prime example of a can of worms Kurt Seifried (Oct 19)
- Re: Prime example of a can of worms Tim (Oct 19)
- Re: Prime example of a can of worms Daniel Kahn Gillmor (Oct 19)
- Re: Prime example of a can of worms Kurt Seifried (Oct 19)
- Re: Prime example of a can of worms Daniel Kahn Gillmor (Oct 19)
- Re: Prime example of a can of worms Brad Knowles (Oct 20)
- Re: Prime example of a can of worms Kurt Seifried (Oct 20)
- Re: Prime example of a can of worms gremlin (Oct 20)
- Re: Prime example of a can of worms Alex Gaynor (Oct 18)
- Re: Prime example of a can of worms Matthias Weckbecker (Oct 21)
- Re: Prime example of a can of worms Kurt Seifried (Oct 21)