Date: Thu, 22 Oct 2015 15:45:03 +1100 From: Joshua Rogers <oss@...ernot.info> To: oss-security@...ts.openwall.com Subject: Re: Prime example of a can of worms On 22/10/15 15:27, Kurt Seifried wrote: > Ideally we'd like > to see people using different primes (e.g. hardware manufacturers not using > the same primes as everyone else) and where possible people needing more > security (e.g. a VPN hosting provider) should generate their own keys > securely. Could it be possible to generate a new prime in the background, and when it has been generated, on the next reboot use that one instead? And if there is not enough time for the new prime to be generated, it falls back to the old one? I agree that manufacturers should be using a different prime per, at least, batch of products. Thanks, -- -- Joshua Rogers <https://internot.info/> Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ