This is a copy from https://bugzilla.redhat.com/show_bug.cgi?id=1062925
Use at least 15360 bits group size for Discrete Logarithm Diffie-Hellman if you use a 256 bit block cipher. See various standards (especially NIST) cited at http://www.keylength.com/ This is not possible with openssl, because (see bug https://bugzilla.redhat.com/show_bug.cgi?id=1010607) "their crypto/dh/dh.h file has: #ifndef OPENSSL_DH_MAX_MODULUS_BITS # define OPENSSL_DH_MAX_MODULUS_BITS 10000 #endif" it should be 65536. Possibly, other changes need to be made to enable the use of such large groups. -- Peter Backes, [email protected] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
