<html><body>
<p><font size="2" face="sans-serif">I have got the openssl 1.0.2</font><br>
<font size="2" face="sans-serif">I don't have any ssl.dh-file set.</font><br>
<br>
<font size="2" face="sans-serif">Still by default lighttpd is negotiating Server Temp Key: DH, 2048 bits</font><br>
<br>
<font size="2" face="sans-serif">Protocol : TLSv1.2</font><br>
<font size="2" face="sans-serif"> Cipher : DHE-RSA-AES256-GCM-SHA384</font><br>
<br>
<font size="2" face="sans-serif">I am surprised for this because once and only once it had negotiated 1024 bits and after that it is showing only 2048. Can someone help me to explain this ?</font><br>
<br>
<font size="2" face="sans-serif">Is there also an option to set the key length manually and check if it will negotiate that. ?</font><br>
<br>
<font size="2" face="sans-serif">Thanks & Regards,<br>
Nayna Jain</font><br>
<br>
<img width="16" height="16" src="cid:1__=EABBF4C2DFBF17208f9e8a93df938@in.ibm.com" border="0" alt="Inactive hide details for Jakob Bohm ---05/25/2015 06:02:44 AM---On 24/05/2015 05:33, mancha wrote: > On Fri, 22 May 2015 at 11"><font size="2" color="#424282" face="sans-serif">Jakob Bohm ---05/25/2015 06:02:44 AM---On 24/05/2015 05:33, mancha wrote: > On Fri, 22 May 2015 at 11:17:21AM +0100, Matt Caswell wrote:</font><br>
<br>
<font size="1" color="#5F5F5F" face="sans-serif">From: </font><font size="1" face="sans-serif">Jakob Bohm <jb-openssl@wisemo.com></font><br>
<font size="1" color="#5F5F5F" face="sans-serif">To: </font><font size="1" face="sans-serif">openssl-users@openssl.org</font><br>
<font size="1" color="#5F5F5F" face="sans-serif">Date: </font><font size="1" face="sans-serif">05/25/2015 06:02 AM</font><br>
<font size="1" color="#5F5F5F" face="sans-serif">Subject: </font><font size="1" face="sans-serif">Re: [openssl-users] What key length is used for DHE by default ?</font><br>
<font size="1" color="#5F5F5F" face="sans-serif">Sent by: </font><font size="1" face="sans-serif">"openssl-users" <openssl-users-bounces@openssl.org></font><br>
<hr width="100%" size="2" align="left" noshade style="color:#8091A5; "><br>
<br>
<br>
<tt><font size="2">On 24/05/2015 05:33, mancha wrote:<br>
> On Fri, 22 May 2015 at 11:17:21AM +0100, Matt Caswell wrote:<br>
>> On 22/05/15 11:11, Nayna Jain wrote:<br>
>>> Hi,<br>
>>><br>
>>> With the latest logjam attack, as I was trying to verify if my<br>
>>> server (lighttpd) accepts DHE_xxx ciphers, I saw that it accepted<br>
>>> and I didn't do any configuration setting done for DH parameters<br>
>>> explicitly.<br>
>>><br>
>>> But I couldn't verify what is the key length did it use by default<br>
>>> 512/1024/2048 ?<br>
>>><br>
>>> Eg. the one it negotiated was DHE-RSA-AES128-SHA256 and for TLSv1.2<br>
>>> protocol ?<br>
>>><br>
>>> Will the key length be different for different protocols like<br>
>>> SSLv3/TLSv1.0/TLSv1.1/TLSv1.2? If yes , then what for each of them.<br>
>> How that is configured depends on the application that is using<br>
>> OpenSSL. A quick google search throws up this:<br>
>><br>
>> </font></tt><tt><font size="2"><a href="http://redmine.lighttpd.net/projects/1/wiki/docs_ssl">http://redmine.lighttpd.net/projects/1/wiki/docs_ssl</a></font></tt><tt><font size="2"><br>
>><br>
>> 'Diffie-Hellman and Elliptic-Curve Diffie-Hellman parameters<br>
>> Diffie-Hellman and Elliptic-Curve Diffie-Hellman key agreement<br>
>> protocols will be supported in lighttpd 1.4.29. By default,<br>
>> Diffie-Hellman and Elliptic-Curve Diffie-Hellman key agreement<br>
>> protocols use, respectively, the 1024-bit MODP Group with 160-bit<br>
>> prime order subgroup from RFC 5114 and "prime256v1" (also known as<br>
>> "secp256r1") elliptic curve from RFC 4492. The Elliptic-Curve<br>
>> Diffie-Hellman key agreement protocol is supported in OpenSSL from<br>
>> 0.9.8f version onwards. For maximum interoperability, OpenSSL only<br>
>> supports the "named curves" from RFC 4492.<br>
>><br>
>> Using the ssl.dh-file and ssl.ec-curve configuration variables, you<br>
>> can define your own set of Diffie-Hellman domain parameters. For<br>
>> example:<br>
>><br>
>> ssl.dh-file = "/etc/lighttpd/ssl/dh2048.pem"<br>
>> ssl.ec-curve = "secp384r1"'<br>
> OpenSSL users might like to know you can use s_client to diagnose a<br>
> server's Diffie-Hellman profile. Starting with OpenSSL 1.0.2 you can do:<br>
><br>
> $ openssl s_client -connect </font></tt><tt><font size="2">www.example.com:443</font></tt><tt><font size="2"> -cipher "EDH" | grep<br>
> "Server Temp Key"<br>
><br>
> If you're testing a server that uses a small (weak) DH group the above<br>
> command might output something like:<br>
><br>
> Server Temp Key: DH, 512 bits<br>
><br>
> Note: If you're on OpenSSL 1.0.1 you'll need to apply my back port to<br>
> have this functionality:<br>
><br>
> </font></tt><tt><font size="2"><a href="https://twitter.com/mancha140/status/602241770961907712">https://twitter.com/mancha140/status/602241770961907712</a></font></tt><tt><font size="2"><br>
><br>
> --mancha<br>
><br>
> P.S. That command also shows the elliptic curve name and bit size when<br>
> using ECDHE and the RSA modulus bit size when RSA is used for the<br>
> temporary key (as done by some export ciphers).<br>
><br>
BEWARE: If the application is written to use different<br>
DH key lengths for different ciphers (as is traditional),<br>
this will only show the DH group for the current cipher,<br>
not for any other cipher. In the most common case,<br>
selecting one of the old "export" ciphers will switch<br>
from the longer DH group to a 512 bit DH group!<br>
<br>
<br>
Enjoy<br>
<br>
Jakob<br>
-- <br>
Jakob Bohm, CIO, Partner, WiseMo A/S. </font></tt><tt><font size="2"><a href="http://www.wisemo.com">http://www.wisemo.com</a></font></tt><tt><font size="2"><br>
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10<br>
This public discussion message is non-binding and may contain errors.<br>
WiseMo - Remote Service Management for PCs, Phones and Embedded<br>
<br>
_______________________________________________<br>
openssl-users mailing list<br>
To unsubscribe: </font></tt><tt><font size="2"><a href="https://mta.openssl.org/mailman/listinfo/openssl-users">https://mta.openssl.org/mailman/listinfo/openssl-users</a></font></tt><tt><font size="2"><br>
<br>
</font></tt><br>
</body></html>