[openssl-users] Selection of DHE ciphers based on modulus size of DH

Sanjaya Joshi joshi.sanjaya at gmail.com
Mon Jun 11 10:06:39 UTC 2018


Hi,
Thank you for the clarifications.

Regards,
Sanjaya

On Fri, Jun 8, 2018 at 4:30 PM, Jakob Bohm <jb-openssl at wisemo.com> wrote:

> (Top posting for consistency).
>
> Once the client receives the TLS1.2 server's choice of DH group,
> it can either accept it or abort the connection.
>
> However if both client and server support the "supported_groups"
> extension (RFC4492) with the additional DH group identifiers in
> RFC7919, they can negotiate a common accepted group of desired
> strength, though the mechanism (like TLS1.3) is artificially
> limited to a fixed set of groups listed in the RFC.
>
>
> On 08/06/2018 12:15, Sanjaya Joshi wrote:
>
>> Hello,
>> Thank you Matt and Jordan. So, it seems that it's possible to modify my
>> client to accept/reject the DH group key length. But I have one more issue
>> to be clarified.
>>
>> Is it possible that if a client does not accept the DH group key length
>> used by the server, then, a different possible cipher (e.g., RSA) is
>> tried to be negotiated? It seems that the connection is rejected, instead
>> of falling back to a different possible cipher. At least, I tested this
>> quickly using s_client and s_server, and the behavior is as stated above,
>> i.e., no fallback and connection was terminated. Is this the default
>> OpenSSL behavior or this behaviour could be modified somehow by
>> applications?
>>
>> Regards,
>> Sanjaya
>>
>> On Thu, Jun 7, 2018 at 8:43 PM, Matt Caswell <matt at openssl.org> wrote:
>>
>>     On 07/06/18 16:02, Jordan Brown wrote:
>>     > I do not understand, however, how the 80 relates to a 1024-bit limit.
>>
>>     It's a measure of the "security bits" of an algorithm according to table
>>     2 in this doc:
>>     https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-57pt1r4.pdf
>>
>>
> Enjoy
>
> Jakob
> --
> Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
> Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
> This public discussion message is non-binding and may contain errors.
> WiseMo - Remote Service Management for PCs, Phones and Embedded
>
>
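
The two behaviours discussed in this thread, modelled as an added example that is not part of any poster's message and is not OpenSSL code: a client that can only accept or abort a server-chosen DH group, and server-side selection when the client sends RFC 7919 groups in "supported_groups", including the fallback to a non-DHE suite. The function names and sample suite lists are constructed for illustration; the fallback and alert rules follow RFC 7919 section 4, and the strength figures follow Table 2 of the NIST document linked above.

```python
# Added example: models the selection logic only; it is not OpenSSL code.
FFDHE = {256: 2048, 257: 3072, 258: 4096, 259: 6144, 260: 8192}  # RFC 7919 id -> bits
# NIST SP 800-57 Part 1, Table 2, FFC column: (modulus bits, security bits)
NIST_FFC = [(15360, 256), (7680, 192), (3072, 128), (2048, 112), (1024, 80)]


def security_bits(modulus_bits):
    """Security strength credited to a DH modulus of this size."""
    for size, strength in NIST_FFC:
        if modulus_bits >= size:
            return strength
    return 0  # smaller than any row of the table


def legacy_client(server_modulus_bits, min_strength):
    """Without group negotiation the server has already committed to DHE and
    to its own group, so the client can only accept or abort."""
    ok = security_bits(server_modulus_bits) >= min_strength
    return "accept" if ok else "abort"


def client_groups_for(min_strength):
    """RFC 7919 groups a client offers for a given minimum strength."""
    return [g for g, bits in sorted(FFDHE.items())
            if security_bits(bits) >= min_strength]


def rfc7919_server(client_groups, client_suites, server_groups, server_suites):
    """Server-side choice per RFC 7919 section 4 -> (suite or alert, group)."""
    offered = [g for g in client_groups if 256 <= g <= 511]
    common = [g for g in offered if g in server_groups]
    skipped_dhe = False
    for suite in server_suites:  # assumption: server preference order wins
        if suite not in client_suites:
            continue
        if "_DHE_" not in suite:
            return suite, None  # non-FFDHE suite, no DH group involved
        if common:
            return suite, common[0]  # assumption: first common group offered
        if not offered:
            return suite, "server-chosen"  # client predates RFC 7919
        skipped_dhe = True  # FFDHE offered, none shared: must not pick DHE
    alert = "insufficient_security" if skipped_dhe else "handshake_failure"
    return "alert:" + alert, None
```

With a client minimum of 128 bits and a server that only has ffdhe2048, `rfc7919_server` skips the DHE suite and returns the RSA suite, which is the fallback that cannot happen once a legacy server has already sent its own group.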