Re: Weak DH primes and openssh

On Fri 2015-05-22 00:06:29 -0400, Darren Tucker wrote:
> On Thu, May 21, 2015 at 11:26 PM, Matthew Vernon <matthew@xxxxxxxxxx> wrote:
>>
>> You will be aware of https://weakdh.org/ by now, I presume; the
>> take-home seems to be that 1024-bit DH primes might well be too weak.
>> I'm wondering what (if anything!) you propose to do about this issue,
>> and what Debian might do for our users?
>
> Would you (and any other vendors) consider generating your own moduli file
> for your distribution?  If a few vendors did that it'd increase the
> diversity quite a lot and it'd stop us (well, specifically me) being the
> point of failure for not making updates.

(thanks for making the recent moduli update, Darren!)

This is an interesting proposal as a way to increase group diversity,
but it also creates a non-obvious fingerprinting channel.  That is,
distro-specific groups would provide a way that someone scanning to find
out what distro is in use can make a more accurate guess based on the
primes offered.

I grant that Debian's current patches that add the Debian revision
themselves provide a fingerprinting mechanism, but those can be disabled
on Debian with "DebianBanner no" in sshd_config.  We'd want to make sure
that distro-specific moduli don't re-introduce fingerprinting for
operators who want to hide their choice of distro.

          --dkg

PS Darren, has there been any attempt at generating primality proofs for
   the values in ./moduli, as opposed to 100 rounds of Miller-Rabin?  It
   would be a shame for a pseudoprime to slip in, however unlikely that
   would be.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
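An added example, not code from this thread or from the OpenSSH project, of the probabilistic check the PS contrasts with a primality proof: it parses constructed lines in the moduli(5) layout, verifies that each modulus p and its (p-1)/2 pass Miller-Rabin, and flags groups of 1024 bits or fewer, the size weakdh.org calls into question. The sample entries use tiny constructed values (including the Carmichael number 561) so it runs instantly; real entries are 2048 bits or more.

```python
import secrets

# Constructed sample in the moduli(5) column order:
#   time type tests trials size generator modulus(hex)
# type 2 = "safe" prime, tests bit 0x04 = Miller-Rabin, trials = rounds run.
SAMPLE_MODULI = """\
# comment lines are skipped
20150522000000 2 6 100 10 2 773
20150522000000 2 6 100 9 2 231
20150522000000 2 6 100 4 2 17
"""

def is_probable_prime(n: int, rounds: int = 100) -> bool:
    """Miller-Rabin with `rounds` random bases (probabilistic, not a proof)."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, s = n - 1, 0                      # write n-1 = d * 2**s with d odd
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)  # random base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                 # a is a witness: n is composite
    return True

def check_moduli(text: str, rounds: int = 100) -> list[dict]:
    """One report per entry: bit length, safe-prime verdict, weakdh-size flag."""
    reports = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        _time, mtype, tests, trials, _size, gen, modulus = line.split()
        p = int(modulus, 16)
        q = (p - 1) // 2
        reports.append({
            "bits": p.bit_length(),           # measured, not the size column
            "generator": int(gen),
            "claims_safe_prime": mtype == "2",
            "claims_mr": int(tests) & 0x04 != 0 and int(trials) >= rounds,
            "safe_prime": is_probable_prime(p, rounds) and is_probable_prime(q, rounds),
            "weak_bits": p.bit_length() <= 1024,  # the weakdh.org concern
        })
    return reports
```

Run it against a real /etc/ssh/moduli by passing the file contents to check_moduli; an entry whose "safe_prime" comes back False should be dropped from the file.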