[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PATCH] Re: Logjam mitigation for Wheezy?

Kurt Roeckx <kurt@roeckx.be> writes:

> On Mon, Jun 08, 2015 at 10:00:00AM +0000, Thorsten Glaser wrote:
>> Stefan Fritsch <sf <at> sfritsch.de> writes:
>> 
>> > And custom DH groups are not that easy to handle in an automated way. 
>> 
>> Right. I'm currently suggesting each "site" to generate one and
>> roll that out for the whole "site" (e.g. company, project).
>
> Please note that the website still says that everybody should
> generate their own 2048 bit DH key, but on the ietf TLS list they
> said that wasn't needed and they would update their site.  2048
> bit DH should still be strong enough that not everybody needs to
> generate their own.

Encouraging custom DH groups is not a good idea, as this opens up the
triple handshake attack possibility[0].

0. https://www.secure-resumption.com/ (search for Initial DHE Handshake)
<-- details an attack where a server can send custom groups
Reply to: