[gnutls-help] too few bits from gnutls_dh_params_generate2() ?
Brian Hinz
bphinz at users.sourceforge.net
Tue Nov 11 05:35:55 CET 2014
On Mon, Nov 10, 2014 at 6:12 PM, Brian Hinz wrote:
> On Mon, Nov 10, 2014 at 5:59 PM, Nikos Mavrogiannopoulos wrote:
>
>> On Mon, 2014-11-10 at 11:48 -1000, Daniel Kahn Gillmor wrote:
>> > > After some debugging it turns out that the failing criteria is that
>> > > multiple of 64 bits requirement[1]. For some reason I've gotten a 1023
>> > > bit prime, even though I called gnutls_dh_params_generate2() with 1024
>> > > as the argument.
>> > ugh. Java is at fault here -- there's no sense in this particular
>> > severe limitation. if they're willing to use 512-bit DHE parameters and
>> > 1024-bit DHE parameters, they should be willing to use 1023-bit DHE
>> > parameters.
>>
>> That's indeed quite some arbitrary limitation.
>>
>
> I think that the actual limitation in question is that Java is requiring
> the prime length to be a multiple of 64. Presumably this dates back to
> FIPS-186-1 which did require prime lengths to be multiples of 64. The
> limitation on the prime length is supposedly being relaxed in Java 8.
>
>
>> > That said, i suppose it's possible that gnutls could always ensure that
>> > the high bit is set when generating a prime of a given size.
>>
>> That should be the case in gnutls 3.3.x. That version delegates to
>> nettle the DH parameter generation and nettle seems to be more precise.
>
>
> Thanks, I'll try that.
>
3.3.10 does in fact seem to resolve the issue. Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20141110/2a565917/attachment-0001.html>
More information about the Gnutls-help
mailing list