Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 20 Oct 2015 01:37:04 -0400
From: Daniel Kahn Gillmor <dkg@...thhorseman.net>
To: Kurt Seifried <kseifried@...hat.com>, oss-security <oss-security@...ts.openwall.com>
Cc: Seth Arnold <seth.arnold@...onical.com>
Subject: Re: Prime example of a can of worms

On Tue 2015-10-20 00:16:19 -0400, Kurt Seifried wrote:
> So it occurs to me that we have no corpus of data on Diffie Helman primes.
> With this in mind I would like to create one. Openssl command line can
> easily create them, using either the 2 (default) or 5 generator (explained
> at
> http://security.stackexchange.com/questions/54359/what-is-the-difference-between-diffie-hellman-generator-2-and-5
> )
>
> For example the following code:
>
> #!/bin/bash
> for i in `seq 1 100`;
> do
>     openssl dhparam 2048 -text >> $i
> done
>
> will generate 100 2048 bit primes. If you can ideally simply commit the
> files to the following github repo:
>
> https://github.com/RedHatProductSecurity/Diffie-Hellman-Primes/
>
> simply create a directory in the root with your name/whatever you want to
> call it (nothing rude please) and have a "2048" directory for the 2048 bit
> primes and a "4096" directory for the 4096 bit primes I would appreciate
> it. If you use a tool other than OpenSSL command line to generate the
> primes please make a note of it (especially any command line options used)
> in a .txt file in the root of your data directory. My goal is to collect a
> few million primes of each size so we have some real data to work with.

What's the goal of this proposed corpus?  What sort of experiments are
you imagining running?

          --dkg

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ