RE: [TLS] Re: Short Ephermal Diffie-Hellman keys

<Pasi.Eronen@nokia.com> Tue, 15 May 2007 13:50 UTC

Subject: RE: [TLS] Re: Short Ephermal Diffie-Hellman keys
Date: Tue, 15 May 2007 16:50:13 +0300
Message-ID: <B356D8F434D20B40A8CEDAEC305A1F2404229A6B@esebe105.NOE.Nokia.com>
In-Reply-To: <87y7jqckh2.fsf@mocca.josefsson.org>
References: <op.tsa3n9ttqrq7tp@nimisha.oslo.opera.com><46488F24.4020304@pobox.com><B356D8F434D20B40A8CEDAEC305A1F24041FA7FF@esebe105.NOE.Nokia.com><4649A374.8040805@drh-consultancy.demon.co.uk> <87y7jqckh2.fsf@mocca.josefsson.org>
From: Pasi.Eronen@nokia.com
To: simon@josefsson.org, tls@lists.ietf.org
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>

Simon Josefsson wrote:

> Some applications that use GnuTLS (I believe Exim is an example)
> have a separate script invoked once every day (or similar) to
> re-generate the DH parameters.  This approach works fine even if
> getting the entropy is a bottle-neck, since it allows servers to
> continue to run using the earlier DH parameters until the new
> parameters have been generated.

BTW, why do you generate new DH parameters in the first place?

Earlier I suggested that the TLS 1.2 spec should probably recommend just
hardcoding some of the groups from RFC 3526 (i.e., recommend against
generating DH parameters). This would simplify code and provide fewer
opportunities for getting things wrong (e.g. very small primes seen by
Yngve; small subgroup attacks; etc.).

http://www1.ietf.org/mail-archive/web/tls/current/msg01115.html

Best regards,
Pasi

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls
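The recommendation in the message above, accepting a hardcoded RFC 3526 group by comparison while treating anything else with suspicion, as an added example that is not code from the original post, from GnuTLS, or from Exim. It is the client-side check a DHE peer would apply to the (p, g, Ys) it receives in a ServerKeyExchange. The policy choices are assumptions for illustration: a 2048-bit floor, and the rule that an unknown group is only accepted if p is a safe prime, since that is what makes the subgroup order known and the small-subgroup check meaningful. The group constant is RFC 3526 group 14; the small bad-parameter values at the bottom are constructed.

```python
"""Client-side validation of DHE parameters from a TLS ServerKeyExchange.

Added example, not code from the original post. Policy choices here
(2048-bit floor, accepting only safe primes for ad-hoc groups) are
assumptions for illustration.
"""
import secrets

# RFC 3526 section 3: 2048-bit MODP Group (group 14), generator 2.
_MODP_2048_HEX = """
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1
29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD
EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245
E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D
C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F
83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9
DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510
15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
"""
MODP_2048_P = int("".join(_MODP_2048_HEX.split()), 16)
MODP_2048_G = 2

# Hardcoded groups accepted by comparison alone: no primality testing,
# no parameter generation, nothing for the server to get wrong.
KNOWN_GROUPS = {(MODP_2048_P, MODP_2048_G): "RFC 3526 group 14 (2048-bit MODP)"}


def is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin with random bases (error probability <= 4**-rounds)."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # a is a witness: n is composite
    return True


def validate_dh_params(p: int, g: int, ys: int, min_bits: int = 2048):
    """Check (p, g, Ys) from a DHE ServerKeyExchange; return (ok, reason).

    A known group is accepted by lookup. Anything else must be large,
    prime, and a safe prime p = 2q + 1 with q prime: then the only
    elements of small order are 1 and p - 1, so excluding those from Ys
    is enough to defeat a small-subgroup attack. A non-safe prime is
    rejected outright because its subgroup structure is unknown.
    """
    if not 2 <= ys <= p - 2:
        return False, "server public value outside [2, p-2]"
    if (p, g) not in KNOWN_GROUPS:
        if p.bit_length() < min_bits:
            return False, f"prime too small: {p.bit_length()} bits"
        if not is_probable_prime(p):
            return False, "p is not prime"
        if not is_probable_prime((p - 1) // 2):
            return False, "p is not a safe prime; subgroup order unknown"
        if not 2 <= g <= p - 2:
            return False, "generator outside [2, p-2]"
    # Belt and braces: for p = 2q + 1 an in-range Ys has order q or 2q,
    # so Ys^q is +1 or -1 mod p; anything else is a small-order value.
    q = (p - 1) // 2
    if pow(ys, q, p) not in (1, p - 1):
        return False, "server public value has small order"
    return True, KNOWN_GROUPS.get((p, g), "ad-hoc safe-prime group")


if __name__ == "__main__":
    # Honest server using the hardcoded group.
    x = secrets.randbelow(MODP_2048_P - 2) + 1
    print(validate_dh_params(MODP_2048_P, MODP_2048_G, pow(MODP_2048_G, x, MODP_2048_P)))
    # Constructed bad parameters: a tiny prime, a composite, and a non-safe
    # prime (13 = 2*6 + 1; the value 3 has order 3 mod 13).
    print(validate_dh_params(23, 5, 8))
    print(validate_dh_params(3 * MODP_2048_P, 2, 2))
    print(validate_dh_params(13, 2, 3, min_bits=4))
```

The point of the lookup table is the one made in the message: a group the client already knows costs one comparison to accept, whereas an ad-hoc group forces two 2048-bit primality tests per handshake just to learn whether the small-subgroup check can be trusted at all. A client with no table has to do that work, or take the server's word for it, which is exactly how a 256-bit prime or an element of small order ends up being used.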