IETF Logo Mail Archive

Re: [TLS] Short Ephermal Diffie-Hellman keys

Nelson B Bolyard <nelson@bolyard.com> Tue, 15 May 2007 16:44 UTC

Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ho08Z-0004MJ-8E; Tue, 15 May 2007 12:44:35 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ho08Y-0004ME-0v for tls@lists.ietf.org; Tue, 15 May 2007 12:44:34 -0400
Received: from smtpout1484.sc1.he.tucows.com ([64.97.157.184] helo=n034.sc1.he.tucows.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Ho08W-000251-Cj for tls@lists.ietf.org; Tue, 15 May 2007 12:44:33 -0400
Received: from [192.168.0.5] (24.6.51.98) by n034.sc1.he.tucows.com (7.2.069.1) (authenticated as nelson@bolyard.com) id 4630CE3D00329963; Tue, 15 May 2007 16:44:24 +0000
Message-ID: <4649E35B.4030809@bolyard.com>
Date: Tue, 15 May 2007 09:44:11 -0700
From: Nelson B Bolyard <nelson@bolyard.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a4pre) Gecko/20070418 SeaMonkey/1.5a
MIME-Version: 1.0
To: Dr Stephen Henson <lists@drh-consultancy.demon.co.uk>
Subject: Re: [TLS] Short Ephermal Diffie-Hellman keys
References: <op.tsa3n9ttqrq7tp@nimisha.oslo.opera.com> <4648AEA2.3020506@bolyard.com> <20070515130804.GA15682@tau.invalid> <4649D2FD.2020309@drh-consultancy.demon.co.uk>
In-Reply-To: <4649D2FD.2020309@drh-consultancy.demon.co.uk>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7a6398bf8aaeabc7a7bb696b6b0a2aad
Cc: tls@lists.ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

Dr Stephen Henson wrote:
> Bodo Moeller wrote:
>> It's only shorter secret values (DH exponents) that can be used in a
>> secure way.  But then the client coudn't easily reject these anyway.
> 
> Speaking of which what do people think about including the sub prime
> value (aka "q") as an optional value in DH parameters in a TLS 1.2
> handshake?

How does that help the recipient?  How does the recipient use that info?

Safe primes (where (P-1)/2 is also prime) are commonly used for DH primes.
Is sending Q helpful for such primes?

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email