Re: DH group exchange (Re: SSH key algorithm updates)

To: Niels Möller <nisse%lysator.liu.se@localhost>
Subject: Re: DH group exchange (Re: SSH key algorithm updates)
From: Damien Miller <djm%mindrot.org@localhost>
Date: Tue, 10 Nov 2015 18:30:40 +1100 (AEDT)

On Tue, 10 Nov 2015, Niels Möller wrote:

> > It may also be desirable to setup a way that RFC 3526 groups:
> >
> >   diffie-hellman-group14-sha256 (2048-bit MODP group - 112 bits of security)
> >   diffie-hellman-group15-sha256 (3072-bit MODP group - 128 bits of security)
> >
> >   diffie-hellman-group16-sha384 (4096-bit MODP group - ~150 bits of security)

FWIW OpenSSH has been using RFC3526 group 16 as the fallback group for
group-exchange when it can't find a local pre-computed group list.

-d

Follow-Ups:
- Re: DH group exchange (Re: SSH key algorithm updates)
  - From: Mark D. Baushke

References:
- RE: DH group exchange (Re: SSH key algorithm updates)
  - From: Peter Gutmann
- Re: DH group exchange (Re: SSH key algorithm updates)
  - From: denis bider
- RE: DH group exchange (Re: SSH key algorithm updates)
  - From: Peter Gutmann
- Re: DH group exchange (Re: SSH key algorithm updates)
  - From: Mark D. Baushke
- RE: DH group exchange (Re: SSH key algorithm updates)
  - From: Peter Gutmann
- Re: DH group exchange (Re: SSH key algorithm updates)
  - From: Niels Möller
- Re: DH group exchange (Re: SSH key algorithm updates)
  - From: Mark D. Baushke
- Re: DH group exchange (Re: SSH key algorithm updates)
  - From: Niels Möller

Prev by Date: RE: Experimental server for RSA SHA-2
Next by Date: Re: Updated RSA SHA-2 draft / New draft: SSH Extension Negotiation
Previous by Thread: Re: DH group exchange (Re: SSH key algorithm updates)
Next by Thread: Re: DH group exchange (Re: SSH key algorithm updates)
Indexes:

Home | Main Index | Thread Index | Old Index