[erlang-questions] SSL and hardcoded DH prime

Fri Aug 24 10:52:51 CEST 2018

Oh, thanks, I don't know about that, it's very helpful.

пт, 24 авг. 2018 г. в 11:41, Hans Nilsson R <hans.r.nilsson@REDACTED>:

> Hi!
>
> You can't just grab any prime and use it in DH.  Any prime will work, but
> very
> few primes are safe to use.  And to find a safe prime is a slow process...
>
> Only one out of 400000 1024-bits primes are safe according to
>
>
> https://security.stackexchange.com/questions/5263/where-do-i-get-prime-numbers-for-diffie-hellman-can-i-use-them-twice
>
> /Hans
>
> On 08/23/2018 04:57 PM, Alexander Petrovsky wrote:
> > Hello!
> >
> > We have stumble upon default DH prime (2048 bits) in Erlang when we try
> to
> > establish TLS session with cisco spa303 (VoIP hardphone)
> > via TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) cipher suite.
> Unfortunately,
> > this hardphone can work only with 1024 bit DH prime.
> >
> > I wonder, why Ingela hardcoded this DH prime -
> >
> https://github.com/erlang/otp/commit/3458af579af6600870c5ada69b81085f47e9f52b
> >
> > In my synthetical tests, new DH prime generation is fast enough
> > (crypto:strong_rand_bytes(256)), about 17 us in 99 percentile in 1000000
> > iterations.
> >
> > Why Ingela has hardcoded this DH prime and is any reason why I shouldn't
> > generate DH prime in real-time?
> >
> >
> >
> > _______________________________________________
> > erlang-questions mailing list
> > erlang-questions@REDACTED
> > http://erlang.org/mailman/listinfo/erlang-questions
> >
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>

-- 
Петровский Александр / Alexander Petrovsky,

Skype: askjuise
Phone: +7 931 9877991
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20180824/ca560450/attachment.htm>