[tor-talk] How the NSA breaks Diffie-Hellmann

Georg Koppen gk at torproject.org
Tue Oct 20 09:27:17 UTC 2015


karsten.n at mailbox.org:
> An other more advanced solution for TorBrowser would be possible. You can
> increase the min. length for DH parameter to 2048 bit in NSS lib. Min.
> length for DH parameter was set to 1024 in NSS 3.19.1 to avoid Logjam
> attack. May be, it is time to increase it to 20148 bit?
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes

Might be an idea for https://bugs.torproject.org/17374. I'd actually
like to see how much would break doing this (or the EFF proposal). I
guess quite a lot which makes me wondering whether this could be a
feature for the level "High" on the security slider.

Georg


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20151020/91353906/attachment.sig>


More information about the tor-talk mailing list