3des cipher and DH group size
Damien Miller
djm at mindrot.org
Tue Feb 18 14:53:42 EST 2014
On Mon, 17 Feb 2014, Hubert Kario wrote:
> > I choose standards and objective guidelines over your personal
> > definitions of "relatively secure" and "normal person".
>
> The standards say quite explicitly: iff 3DES => 2k DH. iff AES-128 => 3k DH.
> They don't say if SHA-1 MAC => 7k DH.
>
> But that's what current code is doing.
>
> FIPS (it even has "Standard" in the name) says that we shouldn't use
> DH with keys over 3072 bits, ever. Why aren't you following it?
FIPS always lags good practice. E.g. permitting single DES until 2007.
-d
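To make the two sizing rules in the exchange above concrete, here is an added example in C; it is not code from OpenSSH or from either poster. Policy A sizes the DH modulus from the cipher's security strength alone, which is the mapping the quoted message attributes to the standards (112-bit 3DES to 2048, AES-128 to 3072). Policy B takes the largest symmetric key in use, the MAC key included, and is the behaviour the message says the current code has, which is how a 160-bit HMAC-SHA1 key pulls the estimate up to 7680 regardless of the cipher. The strength table, the SP 800-57 mapping thresholds and the function names are this example's own assumptions.

```c
/* Added example, not code from OpenSSH or from anyone in this thread.
 * It contrasts two ways of choosing a DH modulus size for an SSH
 * connection: from the cipher's security strength only (Policy A),
 * or from the largest secret key in use including the MAC key
 * (Policy B). The tables below are constructed for the example. */
#include <stdio.h>
#include <string.h>

struct alg { const char *name; int bits; };

/* Constructed: security strength in bits per cipher. NIST SP 800-57
 * rates 3DES at 112 bits despite its 168-bit key. */
static const struct alg ciphers[] = {
    { "3des-cbc",   112 },
    { "aes128-ctr", 128 },
    { "aes192-ctr", 192 },
    { "aes256-ctr", 256 },
};

/* Constructed: HMAC key length in bits (equal to the digest length).
 * The 160-bit HMAC-SHA1 key is what drives Policy B to 7680. */
static const struct alg macs[] = {
    { "hmac-md5",      128 },
    { "hmac-sha1",     160 },
    { "hmac-sha2-256", 256 },
    { "hmac-sha2-512", 512 },
};

#define NELEM(a) (sizeof (a) / sizeof *(a))

static int lookup(const struct alg *t, size_t n, const char *name)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(t[i].name, name) == 0)
            return t[i].bits;
    return -1;                      /* unknown algorithm */
}

/* Symmetric strength -> finite-field (DH) modulus size, following the
 * comparable-strength table in NIST SP 800-57 Part 1. */
int dh_bits_for_strength(int strength)
{
    if (strength <= 80)  return 1024;
    if (strength <= 112) return 2048;
    if (strength <= 128) return 3072;
    if (strength <= 192) return 7680;
    return 15360;
}

/* Policy A: size the group from the cipher's strength alone.
 * Returns -1 for an unknown cipher. */
int dh_bits_cipher_only(const char *cipher)
{
    int c = lookup(ciphers, NELEM(ciphers), cipher);
    return c < 0 ? -1 : dh_bits_for_strength(c);
}

/* Policy B: size the group from the largest secret key in use, so the
 * MAC key can dominate the cipher. Returns -1 for an unknown name. */
int dh_bits_max_key(const char *cipher, const char *mac)
{
    int c = lookup(ciphers, NELEM(ciphers), cipher);
    int m = lookup(macs, NELEM(macs), mac);
    if (c < 0 || m < 0)
        return -1;
    return dh_bits_for_strength(c > m ? c : m);
}

int main(void)
{
    const char *pairs[][2] = {
        { "3des-cbc",   "hmac-sha1" },
        { "aes128-ctr", "hmac-sha1" },
        { "aes128-ctr", "hmac-md5"  },
        { "aes256-ctr", "hmac-sha2-512" },
    };
    for (size_t i = 0; i < NELEM(pairs); i++)
        printf("%-11s %-14s cipher-only: %5d  max-key: %5d\n",
               pairs[i][0], pairs[i][1],
               dh_bits_cipher_only(pairs[i][0]),
               dh_bits_max_key(pairs[i][0], pairs[i][1]));
    return 0;
}
```

Running it shows the gap the message complains about: 3des-cbc with hmac-sha1 gives 2048 under Policy A but 7680 under Policy B, and aes128-ctr with hmac-sha1 gives 3072 versus 7680. Only when the MAC key is no longer than the cipher's strength (aes128-ctr with hmac-md5) do the two policies agree.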
More information about the openssh-unix-dev mailing list