[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] [Cryptography] 1024 bit DH still common in Tor network



On Fri, Sep 6, 2013 at 4:35 PM, Eugen Leitl <eugen@xxxxxxxxx> wrote:
> ----- Forwarded message from "Perry E. Metzger" <perry@xxxxxxxxxxxx> -----
>
> Date: Fri, 6 Sep 2013 16:34:10 -0400
> From: "Perry E. Metzger" <perry@xxxxxxxxxxxx>
> To: cryptography@xxxxxxxxxxxx
> Subject: [Cryptography] 1024 bit DH still common in Tor network
> X-Mailer: Claws Mail 3.9.0 (GTK+ 2.24.20; x86_64-apple-darwin12.4.0)
>
> Summary: blog posting claims most of the Tor network is still running
> older software that uses 1024 bit Diffie-Hellman.
>
> http://blog.erratasec.com/2013/09/tor-is-still-dhe-1024-nsa-crackable.html
>
> I'm not sure how cheap it actually would be to routinely crack DH key
> exchanges, but it does seem like it would be valuable for
> most Tor nodes to be running newer software anyway.

Yup.  Please upgrade, people.  0.2.4 is looking pretty good right now,
and I'd recommend it strongly over 0.2.3 or a variety of reasons, not
limited to this.

yrs,
-- 
Nick
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk