[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnutls-dev] Anonymity lost if same DH params re-used for ephemeral RSA/
From: |
Simon Josefsson |
Subject: |
[gnutls-dev] Anonymity lost if same DH params re-used for ephemeral RSA/DSS too? |
Date: |
Sun, 21 Dec 2003 09:49:08 +0100 |
User-agent: |
Gnus/5.1003 (Gnus v5.10.3) Emacs/21.3.50 (gnu/linux) |
This might not be exactly gnutls specific, but the question grow out
of a usage question of your API: is it OK to use the same D-H
parameters for both the ANON-DH and DHE-RSA/DSS key exchanges? It
takes several seconds to generate the D-H params, so I'd rather not
generate two sets if it can be avoided. The issue I'm worried about:
can someone impersonate a server with DHE-RSA/DSS kx, by using the
ANON-DH kx against the real server, if the real server is using the
same D-H parameters for both ANON-DH and DHE-RSA/DSS? Any other
problems using the same D-H parameters?
I suppose the answer is no, but just wanted to be sure. I guess I
need a good TLS textbook...
(I know I can store the D-H parameters on disk in PKCS#3 format to
speed up server startup.)
Thanks.
- [gnutls-dev] Anonymity lost if same DH params re-used for ephemeral RSA/DSS too?,
Simon Josefsson <=