Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 20 Oct 2015 00:27:44 -0500
From: Brad Knowles <brad@...b-internet.org>
To: oss-security@...ts.openwall.com
Cc: Brad Knowles <brad@...b-internet.org>,
 Seth Arnold <seth.arnold@...onical.com>
Subject: Re: Prime example of a can of worms

On Oct 19, 2015, at 11:16 PM, Kurt Seifried <kseifried@...hat.com> wrote:

> #!/bin/bash
> for i in `seq 1 100`;
> do
>    openssl dhparam 2048 -text >> $i
> done
> 
> will generate 100 2048 bit primes. If you can ideally simply commit the
> files to the following github repo:
> 
> https://github.com/RedHatProductSecurity/Diffie-Hellman-Primes/

PR filed to update code to generate 4096-bit primes as well.

I’m wondering if we might be able to take advantage of a larger-scale effort in this area, by using something akin to the @Home methods, but maybe generating large numbers of primes using a custom public AMI and some CloudFormation scripts?

--
Brad Knowles <brad@...b-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>


Download attachment "signature.asc" of type "application/pgp-signature" (833 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.