[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #17374 [Tor Browser]: Disable 1024-DH Encryption by default
#17374: Disable 1024-DH Encryption by default
-------------------------+--------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: new
Priority: High | Milestone:
Component: Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
-------------------------+--------------------------
Comment (by yawning):
Replying to [comment:4 cypherpunks]:
> Are there any estimates on how many servers (and which) use the weaker
encryption by default? If it is only a small portion (and no major sites,
only obscure rarely visited ones), I'm sure the security tradeoff is very
much worth it.
That's a good question, I'd certainly hope that most of the major sites
would prefer ECDH over DHE. The change as proposed will also totally
break sites that use DHE with non-standard DH parameters, which is bad.
That may be rather uncommon (though it's easy-ish to do).
If it were up to me, I'd tie this to the security slider (since that's
where usability/security tradeoffs live), and when set to a sufficiently
high value, refuse to do DHE depending on the `ServerDHParams` received as
part of the handshake (Eg: Reject groups that are < 1536 bits in length).
It's more involved (and may require patching NSS), but it:
a. Gives users an option that isn't "no crypto" if their obscure site
doesn't work.
b. Will function as intended for people that refuse to use ECDH, and
instead provide a large enough group.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17374#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs