Re: Weak DH primes and openssh

On Fri, 29 May 2015, Hubert Kario wrote:

> Not really, no.
> 
> We can use this time an initial seed of "OpenSSH 1024 bit prime, attempt #1".
> Next time we generate the primes we can use the initial seed of "2017 OpenSSH 
> 1024 bit prime, attempt #1", but we can use just as well a "2nd generation 
> OpenSSH 1024 bit DH parameters, try number 1". Then we can also change the 
> algorithm to use this seed for M-R witnesses, or not. Then we can use SHA-512 
> instead of SHA-256, or some SHA-3 variant.

If you're constantly changing the parameters, then this is the opposite of
NUMS. Anyway, I don't think a NUMS-like approach is necessary. It certainly
isn't with users independently generating primality certificates.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
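
The seed-derivation idea in the quoted text, as an added example that is not part of the original message and is not OpenSSH code: each seed label and hash choice yields its own reproducible safe prime, so anyone can recompute a result but the choice of label remains free. The seed strings are the ones quoted above; the hash(seed || counter) construction, the fixed Miller-Rabin bases, the function names and the 64-bit demo size (instead of 1024 bits) are assumptions made for illustration.

```python
import hashlib
from itertools import count

# Seed strings quoted in the message above; everything else here is assumed.
SEEDS = (
    "OpenSSH 1024 bit prime, attempt #1",
    "2017 OpenSSH 1024 bit prime, attempt #1",
    "2nd generation OpenSSH 1024 bit DH parameters, try number 1",
)
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)  # exact Miller-Rabin below 2**64

def candidate(seed: bytes, counter: int, bits: int, hash_name: str) -> int:
    """Assumed construction: top `bits` bits of hash(seed || counter), forced odd with top bit set."""
    digest = hashlib.new(hash_name, seed + counter.to_bytes(8, "big")).digest()
    n = int.from_bytes(digest, "big") >> (len(digest) * 8 - bits)
    return n | (1 << (bits - 1)) | 1

def is_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic for the 64-bit demo size."""
    if n < 2:
        return False
    for p in BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def derive_safe_prime(seed: str, hash_name: str = "sha256", bits: int = 64) -> int:
    """First candidate p (lowest counter) such that p and (p - 1) / 2 are both prime."""
    for counter in count():
        p = candidate(seed.encode(), counter, bits, hash_name)
        if is_prime(p >> 1) and is_prime(p):
            return p

def all_variants() -> dict:
    """Derive one safe prime for every pairing of quoted seed label and hash function."""
    return {(s, h): derive_safe_prime(s, h) for s in SEEDS for h in ("sha256", "sha512")}
```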



