
296694 Re: Diffie-Hellman parameters

  • lists@rhsoft.net
    Nov 17, 2013
      On 17.11.2013 23:36, Fedor Brunner wrote:
      > Please increase the size of Diffie-Hellman parameters in
      > http://www.postfix.org/TLS_README.html
      > You recommend 1024 bit DH parameters, but for long term protection,
      > these parameters are too short.
      >
      > During ephemeral Diffie-Hellman (EDH) key exchange a temporary key is
      > generated from DH parameters. This temporary key is used for encryption
      > of the communication and the server public RSA key is used ONLY for
      > signing of this temporary key and NOT for encryption of the
      > communication. If you use DH parameters shorter than your RSA key, you
      > are weakening your encryption.
      >
      > https://wiki.openssl.org/index.php/Diffie_Hellman
      > https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
      >
      >
      > If you are interested in more technical information about key sizes I
      > highly recommend:
      >
      > http://www.keylength.com/en/compare/
      >
      > Yearly Report on Algorithms and Keysizes (2012), D.SPA.20 Rev. 1.0,
      > ICT-2007-216676 ECRYPT II, 09/2012.
      >
      > Recommendation for Key Management, Special Publication 800-57 Part 1
      > Rev. 3, NIST, 07/2012

      that's all fine, but it breaks interoperability, leading in opportunistic mode
      (which is needed on the MTA side) to clients falling back to *unencrypted*
      connections - so you may consider what is better - 1024 bit or no
      encryption at all

      you can do that on a webserver but not on an MTA