Date: Thu, 22 Oct 2015 04:36:12 +0000
From: Loganaden Velvindron <>
Cc: CVE ID Requests <>
Subject: Re: Prime example of a can of worms

On Mon, Oct 19, 2015 at 4:06 AM, Kurt Seifried <> wrote:

> So in light of:
> and
> I would suggest we minimally have a conversation about DH prime security
> (e.g. using larger 2048 primes, and/or a better mix of primes to make
> pre-computation attacks harder). Generating good primes is not easy from
> what I've seen of several discussions, my fear would be that people try to
> fix this by finding new primes that turn out to be problematic.
> Secondly I would also suggest we seriously look at assigning a CVE to the
> use of suspected compromised DH primes. Despite the fact we don't have
> conclusive direct evidence (that I'm aware of, correct me if there is any
> conclusive evidence) I think in this case:
> 1) the attack is computationally feasible for an organization with
> sufficient funding
> 2) the benefit of such an attack far, far, FAR outweighs the cost for
> certain orgs, from the paper:

I think that it's important for organizations who are providing services
that are considered critical to the stability of the Internet to audit &
take corrective measures for all of their impacted services.
