Re: [Cfrg] What groups to use for Diffie Hellman?
Peter Gutmann <pgut001@cs.auckland.ac.nz> Fri, 28 October 2016 01:56 UTC
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Phillip Hallam-Baker <phill@hallambaker.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Date: Fri, 28 Oct 2016 01:56:07 +0000
Message-ID: <1477619760320.93339@cs.auckland.ac.nz>
References: <CAMm+LwjZX=xsq7xM8Tti6u4ecNKHjXW_rsEUSV=63so816uNWw@mail.gmail.com>
In-Reply-To: <CAMm+LwjZX=xsq7xM8Tti6u4ecNKHjXW_rsEUSV=63so816uNWw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/a_2lWxOvImlI0ZscoQW5hYKF0Lo>
Phillip Hallam-Baker <phill@hallambaker.com> writes:

>I am developing using straight DH with the parameters in RFC 5114.

And there's your problem. Apart from the fact that the 5114 groups are, excluding carefully-selected pathologically-bad parameter sets, the least efficient DH parameters ever published (in other words, why would anyone want to use them in the first place), there are also concerns about the fact that they're created in an unverifiable manner. Just use the 3526 parameters like everyone else and you're fine.

>Any ideas?

Use the 3526 values, or generate your own if you're really worried about provenance, although the 3526 ones are pretty NUMS and have been independently verified.

Peter.
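The reply above rests on two claims about the RFC 3526 groups: they are nothing-up-my-sleeve (derived from pi by a published formula) and they can be checked independently. The following added example is not from this thread or from any participant's code; it rebuilds the 2048-bit MODP group (id 14) from the formula RFC 3526 prints for it, p = 2^2048 - 2^1984 - 1 + 2^64 * (floor(2^1918 * pi) + 124476), compares the result with the hex value in the RFC, confirms p is a safe prime with 2 generating the order-q subgroup, and shows the public-value check a receiving side should apply before using a peer's value. The function names, the Miller-Rabin bases and the sample public values are this example's own choices.

```python
# Added example (not the thread's or the RFC authors' code): reproduce and
# verify the RFC 3526 2048-bit MODP group (id 14) from its published formula.
#   p = 2^2048 - 2^1984 - 1 + 2^64 * ( floor(2^1918 * pi) + 124476 ), g = 2
# Function names, the Miller-Rabin bases and the constructed sample values
# are choices made for this example only.

# Hex value of the group 14 prime as printed in RFC 3526 (whitespace removed).
RFC3526_GROUP14_HEX = "".join((
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1",
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD",
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245",
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED",
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D",
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F",
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D",
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B",
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9",
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510",
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF",
))

MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def arctan_inv(x, prec):
    """Fixed-point arctan(1/x) scaled by 2**prec, from the Taylor series."""
    result, power, n, sign = 0, (1 << prec) // x, 1, 1
    while power:
        result += sign * (power // n)
        power //= x * x
        n += 2
        sign = -sign
    return result


def pi_fixed(prec):
    """pi scaled by 2**prec via Machin's formula; error is a few thousand ulp."""
    return 16 * arctan_inv(5, prec) - 4 * arctan_inv(239, prec)


def modp_prime(bits, pi_shift, offset, guard=128):
    """2^bits - 2^(bits-64) - 1 + 2^64 * (floor(2^pi_shift * pi) + offset).

    'guard' extra bits of pi are computed and then discarded so the floor is exact.
    """
    pi_int = pi_fixed(pi_shift + guard) >> guard
    return (1 << bits) - (1 << (bits - 64)) - 1 + (1 << 64) * (pi_int + offset)


def is_probable_prime(n):
    """Miller-Rabin with fixed bases: adequate for checking a published value,
    not a primality proof."""
    if n < 2:
        return False
    for b in MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def group14_params():
    """(p, q) for group 14 taken from the RFC hex; q = (p-1)/2 is the subgroup order."""
    p = int(RFC3526_GROUP14_HEX, 16)
    return p, (p - 1) // 2


def check_group14():
    """Rebuild group 14 from the formula and report the properties worth verifying."""
    p = modp_prime(2048, 1918, 124476)
    q = (p - 1) // 2
    return {
        "matches_rfc_hex": p == group14_params()[0],
        "p_is_prime": is_probable_prime(p),
        "q_is_prime": is_probable_prime(q),      # p is a safe prime
        "two_has_order_q": pow(2, q, p) == 1,    # g = 2 lies in the order-q subgroup
    }


def validate_peer_public(y, p, q):
    """Accept a received DH public value only if 1 < y < p-1 and y is in the
    order-q subgroup; this rejects 0, 1, p-1 and any out-of-range value."""
    return 1 < y < p - 1 and pow(y, q, p) == 1


if __name__ == "__main__":
    for name, ok in check_group14().items():
        print(f"{name:18s} {ok}")
    p, q = group14_params()
    print("honest peer value:", validate_peer_public(pow(2, 0x1234567, p), p, q))
    print("p-1 as peer value:", validate_peer_public(p - 1, p, q))
```

The reproduction check is what "independently verified" means in practice: anyone can recompute the prime from pi and the small offset, so there is no room for a hidden structure of the kind the RFC 5114 concerns are about. The pi arithmetic is exact integer code so the example runs offline with no extra libraries; expect the primality checks to take well under a second on a modern machine.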