Is it recommended to specify and use DH parameters for a server? I know that RSA encryption/decryption is slow and this is why RSA public keys are used only for establishing the session key, which is usually a symmetric key, because symmetric key encryption is fast. If the negotiated cipher suite for an RSA encrypted client-server session does not involve using the RSA public keys, then when is RSA used in that session?
On Friday, October 25, 2013 4:49 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote:

On Fri, Oct 25, 2013 at 06:35:08AM -0700, LN wrote:

> I mean in a typical usage of OpenSSL is it mandatory to call
> SSL_CTX_set_tmp_dh() if I call SSL_CTX_use_certificate()
> and SSL_CTX_use_PrivateKey().

No, this is optional.

> I know that for RSA keys, for example, the session key exchange is done
> using the public keys of the client and server.

No, this depends on the cipher-suite.

> If my understanding is correct, the DH parameters are used for
> key exchange also.

No, not "also", rather "instead" when an EDH cipher-suite is negotiated.

> So if public keys are used, is there a situation when the DH parameters
> will be used instead for key exchange?

When an EDH cipher-suite is negotiated.

> So is my understanding correct, that DH might be used if the client
> uses a protocol for key exchange that is based on DH and if the
> server doesn't have the DH parameters, the negotiation will fail

No, the server won't negotiate an EDH cipher-suite when it has no DH
parameters. Clients don't begin EDH/EECDH key exchange, servers do.

-- 
Viktor.
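As an added illustration (not from the thread, and not OpenSSL's own code) of the two points above, the following Python uses the `ssl` module, which wraps OpenSSL, to read each cipher suite's key-exchange (`kea`) and authentication (`auth`) algorithm, and then models the rule that a server with no installed DH parameters never selects an EDH suite. The `kx-dhe`/`auth-rsa` strings are what OpenSSL reports for those suites; the `negotiable` and `rsa_roles` helpers are hypothetical names chosen for this example.

```python
import ssl


def classify_suites(cipher_string):
    """Map each TLS 1.2 suite selected by an OpenSSL cipher string to
    (key-exchange algorithm, authentication algorithm), as OpenSSL reports
    them (e.g. 'kx-dhe', 'kx-ecdhe', 'kx-rsa' and 'auth-rsa')."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)
    # TLS 1.3 suites (names start with "TLS_") carry no fixed kx/auth
    # algorithm, so they are left out of the picture here.
    return {c["name"]: (c["kea"].lower(), c["auth"].lower())
            for c in ctx.get_ciphers() if not c["name"].startswith("TLS_")}


def negotiable(suites, have_dh_params):
    """Suites the server could actually offer.  Without DH parameters
    (no SSL_CTX_set_tmp_dh / SSLContext.load_dh_params) the EDH suites are
    simply never chosen; ECDHE and RSA key exchange need no such parameters."""
    return [name for name, (kea, _auth) in suites.items()
            if have_dh_params or kea != "kx-dhe"]


def rsa_roles(suites):
    """For each suite, which job(s) RSA does: key exchange, authentication
    (signing the server's ephemeral DH/ECDH share), both, or neither."""
    roles = {}
    for name, (kea, auth) in suites.items():
        r = set()
        if kea == "kx-rsa":
            r.add("key-exchange")
        if auth == "auth-rsa":
            r.add("authentication")
        roles[name] = r
    return roles


if __name__ == "__main__":
    suites = classify_suites("DHE-RSA-AES128-GCM-SHA256:"
                             "ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256")
    for name, (kea, auth) in suites.items():
        print(f"{name:32} kx={kea:9} auth={auth:9} RSA used for: "
              f"{sorted(rsa_roles(suites)[name]) or 'nothing'}")
    print("without DH params:", negotiable(suites, have_dh_params=False))
    print("with DH params:   ", negotiable(suites, have_dh_params=True))
```

OpenSSL 1.1.0 and later can also supply built-in DH groups through `SSL_CTX_set_dh_auto()`, which this 2013 exchange predates.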