On Mon, May 04, 2015 at 09:00:21AM -0500, jack seth wrote:
> > There is a limit of 10000:
> > #define OPENSSL_DH_MAX_MODULUS_BITS 10000
> >
> > I suggest you do not change this. It just gets slower without
> > adding security.
> >
> > I have no idea why it would freeze with something larger than
> > 13824.
> >
> > I'm not sure what is logging the size, but it might be using
> > DH_size()*8 to log it. I don't think there currently is an API
> > that returns it in bits.
> >
> >
> > Kurt
> 
> Thanks for the response.  Could you elaborate on why a larger size doesn't
> add security?  For the sake of discussion, let's ignore how slow it would be.
> According to section 5.6.1 of
> http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf
> you would need 15360+ bits to have security equal to AES256.  Is NIST wrong
> here?  If so, why?

Everything in the chain would need to be providing 256 bit of
security, there are no ciphers that support more than 192 as far
as I know.

Once you're at 128 or above it's also far more likely that
something other than the crypto is the weakest part, like a human.


Kurt
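A small added illustration of the sizing argument in this exchange (my own example, not code from the thread or from OpenSSL): the SP 800-57 Part 1 Rev 3 Table 2 mapping from finite-field DH modulus size to security strength, the weakest-link rule Kurt describes, and the DH_size()*8 rounding he suspects the logger uses. The table thresholds are NIST's; the function names and the sample chain are my assumptions.

```python
# SP 800-57 Part 1 Rev 3, Table 2: minimum FFC (DH/DSA) modulus size in bits
# for each security strength. Ordered largest first for the lookup below.
FFC_STRENGTH_TABLE = [(15360, 256), (7680, 192), (3072, 128), (2048, 112), (1024, 80)]

# Compile-time cap quoted in the thread (OpenSSL's DH modulus limit).
OPENSSL_DH_MAX_MODULUS_BITS = 10000


def ffc_security_strength(modulus_bits):
    """Security strength (bits) NIST assigns to a DH modulus of this size."""
    for min_bits, strength in FFC_STRENGTH_TABLE:
        if modulus_bits >= min_bits:
            return strength
    return 0  # below 1024 bits: no NIST-rated strength


def min_modulus_bits_for(strength):
    """Smallest Table 2 modulus size that reaches the requested strength."""
    for min_bits, table_strength in reversed(FFC_STRENGTH_TABLE):
        if table_strength >= strength:
            return min_bits
    return None  # Table 2 does not go beyond 256-bit strength


def logged_dh_bits(p):
    """What a logger doing DH_size()*8 reports: DH_size() is bytes, rounded up."""
    byte_len = (p.bit_length() + 7) // 8
    return byte_len * 8


def chain_strength(dh_modulus_bits, cipher_key_bits):
    """Kurt's point: the exchange is only as strong as its weakest component."""
    return min(ffc_security_strength(dh_modulus_bits), cipher_key_bits)


def exceeds_openssl_cap(modulus_bits):
    return modulus_bits > OPENSSL_DH_MAX_MODULUS_BITS


if __name__ == "__main__":
    # Constructed sample: a 2047-bit odd number standing in for a DH prime.
    p = (1 << 2046) | 1
    print("15360-bit DH rates as", ffc_security_strength(15360), "bits")
    print("256-bit strength needs a", min_modulus_bits_for(256), "bit modulus")
    print("a 2047-bit prime is logged as", logged_dh_bits(p), "bits")
    print("15360-bit DH + AES-128 gives", chain_strength(15360, 128), "bits")
    print("15360 over OpenSSL cap:", exceeds_openssl_cap(15360))
```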

_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users