[gnutls-help] too few bits from gnutls_dh_params_generate2() ?
nmav at gnutls.org
Tue Nov 11 18:57:47 CET 2014
On Tue, 2014-11-11 at 13:35 +0100, Pierre Ossman wrote:
> On Tue, 11 Nov 2014 13:32:01 +0100,
> Manuel Pégourié-Gonnard wrote:
> > On 11/11/2014 12:50, Pierre Ossman wrote:
> > > TBH, I've never gotten a good grasp on what a good security policy is with
> > > regard to DH params. Some have pregenerated values, but I also see
> > > references that they should be regenerated every few hours/days/etc.
> > >
> > > Got any insight to share?
> > >
> > The DH params (ie: prime and generator) can totally be static. There are even
> > RFCs defining standardising values for them (3526, 5114, maybe more).
> > The thing that should be regenerated regularly (ideally every key exchange,
> > for truly ephemeral DH) is your private-public DH key pair.
> Is that done by GnuTLS implicitly? I don't see anything in our use of
> GnuTLS that generates such things even once.
Yes, there is a new private key pair on every session in gnutls. There
is no option to change that.
More information about the Gnutls-help