Re: Security of DH in TLS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The subject is much clearer to me now, thank you.

The EC key you mentioned is not created manually, correct?
This key is a result of ECC, which is done by OpenSSL.

So if I set up a server offering TLS connections and only offer ECDH/ECDHE, no additional data has to be generated manually, correct?

Kind regards,
SaAtomic


26. Jul 2017 10:14 by paulyang.inf@xxxxxxxxx:

On 26 Jul 2017, at 15:56, SaAtomic <saatomic@xxxxxxxxxx> wrote:

Thanks for the reply.
I'm still not sure I understand this correctly.

So the length of modulus is the essential part, determining the security of the DH, right?

Mostly.
With ECC, this is defined by the used curves.
Without ECC, this is determined by the DH parameters (from the .pem file I mentioned).

If a server only supported ECDH or ECDHE, the DH parameters (.pem) file wouldn't even be needed.

Yes, in that case, you only need an EC key (and also EC parameters to generate this key, of course)

Is this correct?

Thank you for your help,
kind regards,
SaAtomic

---------
> Paul Yang paulyang.inf at gmail.com
> Wed Jul 26 07:19:31 UTC 2017
> The ‘key size’ concept is usually referred to the length of modulus. (In public key crypto area)
> For DH and ECDH, it (the size) ’s generated and defined in the ‘parameters’, as you pasted. Parameters are not exactly the final ‘keys’, they are the ‘materials’ to produce keys (both private ones and public ones), either for DH or ECDH. For DH, you generate parameters based on a given length of prime, and this length is what you called ‘key size’ (e.g. 2048), for ECC the parameters are generated based on named curves, such as prime192v1/prime239v1..., in this case, the ‘key > size’ is 192/239bit. In both case, the prime numbers are used as modulus being used while doing DH or EC crypto calculations...
>
> If you get either a DH or EC key, you could use the following command of OpenSSL to check the ‘key size’:
>
> openssl pkey -in xyz.key -noout -text
>
> check the Private-Key: (xxxx bit) in the output.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux