Re: [TLS] Re: TLS 1.2 draft
Martin Rex <martin.rex@sap.com> Wed, 07 March 2007 14:26 UTC
Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HOx6P-0004fk-M5; Wed, 07 Mar 2007 09:26:49 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HOx6N-0004eu-Vx for tls@ietf.org; Wed, 07 Mar 2007 09:26:47 -0500
Received: from smtpde03.sap-ag.de ([155.56.68.140]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HOx6M-0007Vh-KC for tls@ietf.org; Wed, 07 Mar 2007 09:26:47 -0500
Received: from sap-ag.de (smtpde03) by smtpde03.sap-ag.de (out) with ESMTP id PAA28033; Wed, 7 Mar 2007 15:26:12 +0100 (MEZ)
From: Martin Rex <martin.rex@sap.com>
Message-Id: <200703071422.PAA28929@uw1048.wdf.sap.corp>
Subject: Re: [TLS] Re: TLS 1.2 draft
To: smb@cs.columbia.edu
Date: Wed, 07 Mar 2007 15:22:04 +0100
In-Reply-To: <20070307120819.2FE5176612D@berkshire.machshav.com> from "Steven M. Bellovin" at Mar 7, 7 07:08:19 am
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-SAP: out
X-SAP: out
X-SAP: out
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228
Cc: simon@josefsson.org, tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: martin.rex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
Steven M. Bellovin wrote: > > On Wed, 07 Mar 2007 10:53:00 +0100 > Simon Josefsson <simon@josefsson.org> wrote: > > > Eric Rescorla <ekr@networkresonance.com> writes: > > > > > What I'm saying is that the recommendation to prevent his attack > > > is to use an RSA_DHE ciphersuite > > > > I agree with that. However, if I remember correctly, DHE key > > exchanges are generally slower than plain RSA key exchanges with > > temporary keys, although it depends on the DH group size. > > The problem is generating the two large primes for the RSA key pair. I agree that a full RSA keygen, in particular for same-size (>=1024 bit) temporary RSA keypairs as the servers certificate is a sure performance-killer. However, the protocol does not preclude the use of an SSL servers temporary keypair for multiple handshakes, say one or a few hours. SSH servers have been doing this for years. I admit to have very little experience with most crypto math and never implemented cryptographic algorithms myself. I do maintenance on code that implements RSA, but I have never looked at code for DH, so I can not really comment on that. -Martin _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- [TLS] TLS 1.2 draft EKR
- Re: [TLS] TLS 1.2 draft Nelson B Bolyard
- Re: [TLS] TLS 1.2 draft EKR
- Re: [TLS] TLS 1.2 draft Nelson B Bolyard
- [TLS] Re: TLS 1.2 draft Simon Josefsson
- RE: [TLS] TLS 1.2 draft (issue #25 about SSLv2 He… Pasi.Eronen
- Re: [TLS] TLS 1.2 draft (issue #25 about SSLv2 He… Mike
- Re: [TLS] TLS 1.2 draft (issue #25 about SSLv2 He… EKR
- Re: [TLS] Re: TLS 1.2 draft Wan-Teh Chang
- Re: [TLS] TLS 1.2 draft Martin Rex
- Re: [TLS] TLS 1.2 draft EKR
- Re: [TLS] TLS 1.2 draft Martin Rex
- Re: [TLS] TLS 1.2 draft Eric Rescorla
- Re: [TLS] TLS 1.2 draft Dr Stephen Henson
- Re: [TLS] Re: TLS 1.2 draft Dr Stephen Henson
- [TLS] Re: TLS 1.2 draft Simon Josefsson
- Re: [TLS] Re: TLS 1.2 draft Steven M. Bellovin
- RE: [TLS] TLS 1.2 draft Pasi.Eronen
- RE: [TLS] Re: TLS 1.2 draft Pasi.Eronen
- Re: [TLS] Re: TLS 1.2 draft Martin Rex
- RE: [TLS] Re: TLS 1.2 draft Pasi.Eronen
- RE: [TLS] TLS 1.2 draft (issue #25 about SSLv2 He… Pasi.Eronen
- Re: [TLS] Re: TLS 1.2 draft Wan-Teh Chang
- [TLS] Re: TLS 1.2 draft EKR