> - From what I've been able to find, this is a bit overstated. > > There is *one* random number algorithm (Dual_EC_DRBG) associated with > ECC that is believed to have been compromised. That it appeared > is compromised: http://blog.0xbadc0de.be/archives/155 > vulnerable has long been known; Bruce Schneier wrote about it in 2007. > It also happens to be inefficient and so is not widely used (but a few > commercial products use it). > > Apache uses it on some rare cases like 'apache2 uses NID_X9_62_prime256v1 for the ECDH exchange' My idea is to enable EC on centos due to PFS and better encryption levels -- Eero _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Elliptic curve on Centos 6.x
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: Elliptic curve on Centos 6.x
- From: Eero Volotinen <eero.volotinen@xxxxxx>
- Date: Fri, 3 Jan 2014 03:21:28 +0200
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <52C60CE6.8000901@parts-unknown.org>
- References:
- Elliptic curve on Centos 6.x
- From: Eero Volotinen
- Re: Elliptic curve on Centos 6.x
- From: m . roth
- Re: Elliptic curve on Centos 6.x
- From: David Benfell
- Elliptic curve on Centos 6.x
- Prev by Date: Re: Elliptic curve on Centos 6.x
- Next by Date: Re: Elliptic curve on Centos 6.x
- Previous by thread: Re: Elliptic curve on Centos 6.x
- Next by thread: Re: Elliptic curve on Centos 6.x
- Index(es):
 |