Re: [tor-talk] How the NSA breaks Diffie-Hellmann
I understand, from a post to this list, that Tor is switching from RSA
to elliptic curve key generation.
What would we expect from that update?
Thanks for everyone's effort
> The paper "How is NSA breaking so much crypto?" got the Best Paper Award
> at ACM CCS in Oct. 2015.
> Diffie-Hellman is a cornerstone of modern cryptography used for VPNs,
> HTTPS websites, email, and many other protocols. The paper shows that many
> real-world users of Diffie-Hellman are likely vulnerable to state-level
> A state-level attacker like NSA can pre-compute the most commonly used 1024
> bit DH parameter sets which are recommended in RFC 2409. If pre-computation
> was done for the two most commonly used DH parameter sets the NSA can break
> 2/3 of VPN connections, 1/4 of SSH connections and 1/5 of SSL/TLS
> connections on-the-fly.
> EFF.org recommends to disable DHE cipher in Firefox and Chrome:
> "How to Protect Yourself from NSA Attacks on 1024-bit DH"
> Another more advanced solution for TorBrowser would be possible. You can
> increase the min. length for DH parameter to 2048 bit in NSS lib. Min.
> length for DH parameter was set to 1024 in NSS 3.19.1 to avoid Logjam
> attack. Maybe it is time to increase it to 20148 bit?
> Karsten N.
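
The minimum-length check discussed in the quoted message, as an added example that is not part of either post and is not NSS code: a client-side check that parses the TLS ServerDHParams structure (RFC 5246, section 7.4.3) and rejects a DH modulus shorter than a configured minimum. The function names and the sample inputs are assumptions made for illustration; the sample moduli are constructed odd numbers of the right size, not real primes, and primality is not tested.

```python
import struct

MIN_DH_BITS = 2048  # minimum proposed in the post; NSS 3.19.1 used 1024

class WeakDHError(ValueError):
    """Raised when the server's DH parameters fail the client policy."""

def read_vec16(buf, off):
    """Read one opaque<1..2^16-1> vector: 2-byte big-endian length, then data."""
    if off + 2 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">H", buf, off)
    off += 2
    if n == 0 or off + n > len(buf):
        raise ValueError("bad vector length")
    return buf[off:off + n], off + n

def parse_server_dh_params(buf):
    """Return (dh_p, dh_g, dh_Ys) as integers; a trailing signature is ignored."""
    fields, off = [], 0
    for _ in range(3):
        raw, off = read_vec16(buf, off)
        fields.append(int.from_bytes(raw, "big"))
    return tuple(fields)

def check_dh_params(buf, min_bits=MIN_DH_BITS):
    """Return the modulus size in bits, or raise WeakDHError."""
    p, g, ys = parse_server_dh_params(buf)
    bits = p.bit_length()  # leading zero bytes do not count toward the size
    if bits < min_bits:
        raise WeakDHError(f"DH modulus is {bits} bits, minimum is {min_bits}")
    if p % 2 == 0:
        raise WeakDHError("DH modulus is even")
    if not 1 < g < p - 1 or not 1 < ys < p - 1:
        raise WeakDHError("generator or server public value out of range")
    return bits

def encode_params(p, g, ys):
    """Build a ServerDHParams byte string (used only to construct samples)."""
    out = b""
    for v in (p, g, ys):
        raw = v.to_bytes((v.bit_length() + 7) // 8, "big")
        out += struct.pack(">H", len(raw)) + raw
    return out

# Constructed sample inputs (not captured traffic, moduli are not real primes).
SAMPLE_1024 = encode_params((1 << 1023) | 1, 2, 5)
SAMPLE_2048 = encode_params((1 << 2047) | 1, 2, 5)
```

With the default minimum, `check_dh_params(SAMPLE_1024)` raises `WeakDHError`, while passing `min_bits=1024` accepts the same input.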