Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 20 Oct 2015 00:27:44 -0500
From: Brad Knowles <brad@...b-internet.org>
To: oss-security@...ts.openwall.com
Cc: Brad Knowles <brad@...b-internet.org>,
 Seth Arnold <seth.arnold@...onical.com>
Subject: Re: Prime example of a can of worms

On Oct 19, 2015, at 11:16 PM, Kurt Seifried <kseifried@...hat.com> wrote:

> #!/bin/bash
> for i in `seq 1 100`;
> do
>    openssl dhparam 2048 -text >> $i
> done
> 
> will generate 100 2048 bit primes. If you can ideally simply commit the
> files to the following github repo:
> 
> https://github.com/RedHatProductSecurity/Diffie-Hellman-Primes/

PR filed to update code to generate 4096-bit primes as well.

I’m wondering if we might be able to take advantage of a larger-scale effort in this area, by using something akin to the @Home methods, but maybe generating large numbers of primes using a custom public AMI and some CloudFormation scripts?

--
Brad Knowles <brad@...b-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>


[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ