[erlang-questions] SSL and hardcoded DH prime
Hans Nilsson R
hans.r.nilsson@REDACTED
Fri Aug 24 10:41:14 CEST 2018
Hi!
You can't just grab any prime and use it in DH. Any prime will work, but very
few primes are safe to use. And to find a safe prime is a slow process...
Only one out of 400000 1024-bits primes are safe according to
https://security.stackexchange.com/questions/5263/where-do-i-get-prime-numbers-for-diffie-hellman-can-i-use-them-twice
/Hans
On 08/23/2018 04:57 PM, Alexander Petrovsky wrote:
> Hello!
>
> We have stumble upon default DH prime (2048 bits) in Erlang when we try to
> establish TLS session with cisco spa303 (VoIP hardphone)
> via TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) cipher suite. Unfortunately,
> this hardphone can work only with 1024 bit DH prime.
>
> I wonder, why Ingela hardcoded this DH prime -
> https://github.com/erlang/otp/commit/3458af579af6600870c5ada69b81085f47e9f52b
>
> In my synthetical tests, new DH prime generation is fast enough
> (crypto:strong_rand_bytes(256)), about 17 us in 99 percentile in 1000000
> iterations.
>
> Why Ingela has hardcoded this DH prime and is any reason why I shouldn't
> generate DH prime in real-time?
>
>
>
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
More information about the erlang-questions
mailing list