[openssl-dev] Weak DH and the Logjam

mancha mancha1 at zoho.com
Sat May 23 21:11:20 UTC 2015


On Thu, May 21, 2015 at 03:29:23AM +0000, mancha wrote:
> On Wed, May 20, 2015 at 11:31:00PM +0200, Kurt Roeckx wrote:
> > On Wed, May 20, 2015 at 08:58:54PM +0000, mancha wrote:
> > > On Wed, May 20, 2015 at 07:17:43PM +0200, Kurt Roeckx wrote:
> > > > On Wed, May 20, 2015 at 07:11:42AM +0000, mancha wrote:
> > > > > Hello.
> > > > > 
> > > > > Given Adrien et al.'s recent paper [1] together with their
> > > > > proof-of-concept attacks against 512-bit DH groups [2], it
> > > > > might be a good time to resurrect a discussion Daniel Kahn
> > > > > Gillmor has started here in the past.
> > > > 
> > > > Please see
> > > > http://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
> > > > 
> > > > 
> > > > Kurt
> > > 
> > > Hi Kurt. Thanks for the link and congrats to EK for a well-written
> > > blog.
> > > 
> > > A few questions...
> > > 
> > > 1. On ECC:
> > > 
> > > Did I correctly understand that starting with 1.0.2b, OpenSSL
> > > clients will only include secp256r1, secp384r1, and secp521r1 on
> > > the prime side and sect283k1, sect283r1, sect409k1, sect409r1,
> > > sect571k1, sect571r1 on the binary side in supported elliptic
> > > curves extensions?
> > 
> > It also has the 3 brainpool curves and secp256k1.
> 
> Yep, forgot about the addition of brainpool curves in 1.0.2.
> 
> > > Will OpenSSL consider making this change in 1.0.1 as well?
> > 
> > 1.0.1 doesn't support the auto ecdh, so we at least can't do exactly
> > the same there.  But maybe we should also update the default used by
> > the client?
> 
> The following pull request for 1.0.1-stable removes elliptic curves
> that provide less than the equivalent of 128 bits of symmetric key
> security from the list clients announce via supported elliptic curves
> extensions.  
> 
>   https://github.com/openssl/openssl/pull/288
> 

Commit now mentions changes in CHANGES. New pull request is #290.

https://github.com/openssl/openssl/issues/290

--mancha
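
An added example, not part of the thread or of the OpenSSL pull request: a check that parses a client's supported elliptic curves extension and flags curves below the 128-bit level discussed above. It assumes strength is approximated as half the field size, treats unknown curve IDs as flagged, and uses hypothetical function names and a constructed sample extension.

```python
import struct

# NamedCurve IDs (RFC 4492, RFC 7027) -> (name, field size in bits)
NAMED_CURVES = {
    1: ("sect163k1", 163), 2: ("sect163r1", 163), 3: ("sect163r2", 163),
    4: ("sect193r1", 193), 5: ("sect193r2", 193), 6: ("sect233k1", 233),
    7: ("sect233r1", 233), 8: ("sect239k1", 239), 9: ("sect283k1", 283),
    10: ("sect283r1", 283), 11: ("sect409k1", 409), 12: ("sect409r1", 409),
    13: ("sect571k1", 571), 14: ("sect571r1", 571), 15: ("secp160k1", 160),
    16: ("secp160r1", 160), 17: ("secp160r2", 160), 18: ("secp192k1", 192),
    19: ("secp192r1", 192), 20: ("secp224k1", 224), 21: ("secp224r1", 224),
    22: ("secp256k1", 256), 23: ("secp256r1", 256), 24: ("secp384r1", 384),
    25: ("secp521r1", 521), 26: ("brainpoolP256r1", 256),
    27: ("brainpoolP384r1", 384), 28: ("brainpoolP512r1", 512),
}
EXT_ELLIPTIC_CURVES = 10  # extension type of the supported elliptic curves list
MIN_STRENGTH = 128        # symmetric-equivalent bits, the threshold in the thread

# Constructed sample: type 10, length 16, list length 14, then seven curve IDs.
SAMPLE = bytes.fromhex("000a0010000e" "0017 0018 0019 0013 0015 000e 0001")


def parse_supported_curves(ext):
    """Return the curve IDs in one extension (type, length, NamedCurveList)."""
    if len(ext) < 6:
        raise ValueError("truncated extension")
    ext_type, ext_len, list_len = struct.unpack("!HHH", ext[:6])
    if ext_type != EXT_ELLIPTIC_CURVES:
        raise ValueError("not a supported elliptic curves extension")
    if ext_len != len(ext) - 4 or list_len != ext_len - 2 or list_len % 2:
        raise ValueError("inconsistent length fields")
    return list(struct.unpack("!%dH" % (list_len // 2), ext[6:]))


def audit(ext):
    """Split offered curves into (kept, weak); unknown IDs count as weak."""
    kept, weak = [], []
    for cid in parse_supported_curves(ext):
        name, bits = NAMED_CURVES.get(cid, ("unknown(%d)" % cid, 0))
        # Assumption: generic attacks cost about 2^(bits/2) operations.
        (kept if bits // 2 >= MIN_STRENGTH else weak).append(name)
    return kept, weak


if __name__ == "__main__":
    kept, weak = audit(SAMPLE)
    print("kept:", kept)
    print("below 128-bit level:", weak)
```

Applied to every ID in the table, the same threshold keeps exactly the curves named in the thread: the three NIST prime curves, the six binary curves from sect283k1 upward, the three brainpool curves and secp256k1.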