Re: [TLS] Short Ephermal Diffie-Hellman keys
"Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com> Mon, 14 May 2007 20:19 UTC
Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hnh0Y-00067N-OB; Mon, 14 May 2007 16:19:02 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hnh0W-00064e-At for tls@lists.ietf.org; Mon, 14 May 2007 16:19:00 -0400
Received: from sam.opera.com ([213.236.208.81]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hnh0U-0006t1-SC for tls@lists.ietf.org; Mon, 14 May 2007 16:19:00 -0400
Received: from nimisha.oslo.opera.com (pat-tdc.opera.com [213.236.208.22]) (authenticated bits=0) by sam.opera.com (8.13.4/8.13.4/Debian-3sarge3) with ESMTP id l4EKIpRS000330 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT); Mon, 14 May 2007 20:18:51 GMT
Date: Mon, 14 May 2007 22:18:50 +0200
To: Nelson B Bolyard <nelson@bolyard.com>
Subject: Re: [TLS] Short Ephermal Diffie-Hellman keys
From: "Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com>
Organization: Opera Software AS
Content-Type: text/plain; format="flowed"; delsp="yes"; charset="iso-8859-15"
MIME-Version: 1.0
References: <op.tsa3n9ttqrq7tp@nimisha.oslo.opera.com> <4648AEA2.3020506@bolyard.com>
Message-ID: <op.tsb2porfqrq7tp@nimisha.oslo.opera.com>
In-Reply-To: <4648AEA2.3020506@bolyard.com>
User-Agent: Opera Mail/9.20 (Win32)
X-Virus-Scanned: ClamAV 0.90.1/3243/Mon May 14 10:49:49 2007 on sam.opera.com
X-Virus-Status: Clean
Content-Transfer-Encoding: quoted-printable
X-MIME-Autoconverted: from 8bit to quoted-printable by sam.opera.com id l4EKIpRS000330
X-Spam-Score: 0.0 (/)
X-Scan-Signature: cab78e1e39c4b328567edb48482b6a69
Cc: tls@lists.ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
Hello Nelson, On Mon, 14 May 2007 20:46:58 +0200, Nelson B Bolyard <nelson@bolyard.com> wrote: > Yngve N. Pettersen (Developer Opera Software ASA) wrote: >> Hello all, >> >> I have recently started to see an increasing number of reports about >> SSL/TLS servers using short Ephermal Diffie-Hellman keys, in some cases >> very short ones. >> >> Opera's SSL/TLS client will display warnings to users if the server is >> using RSA/DH/DSA keys shorter than (currently) 900 bits. > > Do you mean the length of the public value? or the length of the prime > P? > > Do you really wish to disallow public values that are low numeric values > even when the prime P is adequately large? The keysize used by Opera for DH keys is calculated using OpenSSL's DH_size function, which returns the number of bytes in the "P" element of the DH (dh_st) structure, which is then multiplied by 8 (so the real size may be 7 bits lower than stated; should probably use a more low level call). Background: EVP_PKEY_bits does not return anything about DH keys, which is why DH_size is used. -- Sincerely, Yngve N. Pettersen ******************************************************************** Senior Developer Email: yngve@opera.com Opera Software ASA http://www.opera.com/ Phone: +47 24 16 42 60 Fax: +47 24 16 40 01 ******************************************************************** _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- [TLS] Short Ephermal Diffie-Hellman keys Yngve N. Pettersen (Developer Opera Software ASA)
- Re: [TLS] Short Ephermal Diffie-Hellman keys Mike
- Re: [TLS] Short Ephermal Diffie-Hellman keys Nelson B Bolyard
- Re: [TLS] Short Ephermal Diffie-Hellman keys Yngve N. Pettersen (Developer Opera Software ASA)
- RE: [TLS] Short Ephermal Diffie-Hellman keys Pasi.Eronen
- Re: [TLS] Short Ephermal Diffie-Hellman keys Dr Stephen Henson
- [TLS] Re: Short Ephermal Diffie-Hellman keys Simon Josefsson
- Re: [TLS] Short Ephermal Diffie-Hellman keys Bodo Moeller
- Re: [TLS] Short Ephermal Diffie-Hellman keys jimmy
- Re: [TLS] Short Ephermal Diffie-Hellman keys Bodo Moeller
- RE: [TLS] Re: Short Ephermal Diffie-Hellman keys Pasi.Eronen
- Re: [TLS] Short Ephermal Diffie-Hellman keys Dr Stephen Henson
- [TLS] Re: Short Ephermal Diffie-Hellman keys Simon Josefsson
- Re: [TLS] Short Ephermal Diffie-Hellman keys Nelson B Bolyard
- Re: [TLS] Short Ephermal Diffie-Hellman keys Bodo Moeller
- Re: [TLS] Short Ephermal Diffie-Hellman keys Russ Housley
- Re: [TLS] Short Ephermal Diffie-Hellman keys Bodo Moeller
- Re: [TLS] Short Ephermal Diffie-Hellman keys Peter Gutmann
- [TLS] RE: Short Ephermal Diffie-Hellman keys Pasi.Eronen
- Re: [TLS] Short Ephermal Diffie-Hellman keys Eric Rescorla
- Re: [TLS] Short Ephermal Diffie-Hellman keys Bodo Moeller
- Re: [TLS] Short Ephermal Diffie-Hellman keys Russ Housley
- Re: [TLS] Short Ephermal Diffie-Hellman keys Bodo Moeller
- Re: [TLS] Short Ephermal Diffie-Hellman keys Russ Housley
- Re: [TLS] Short Ephermal Diffie-Hellman keys Peter Gutmann