diff options
author | 2013-10-08 11:42:13 +0000 | |
---|---|---|
committer | 2013-10-08 11:42:13 +0000 | |
commit | dffbaaef17b9257f23ca37e0dd8670e9633792f6 (patch) | |
tree | fb47a4c1fc181b7a78c57bcb6d8244fa9e92af07 /usr.bin/ssh/dh.c | |
parent | vmwpvs(4), a driver for VMware Paravirtual SCSI things in vmware guests. (diff) | |
download | wireguard-openbsd-dffbaaef17b9257f23ca37e0dd8670e9633792f6.tar.xz wireguard-openbsd-dffbaaef17b9257f23ca37e0dd8670e9633792f6.zip |
Increase the size of the Diffie-Hellman groups requested for a each symmetric
key size. New values from NIST Special Publication 800-57 with the upper
limit specified by RFC4419. Pointed out by Peter Backes, ok djm@.
Diffstat (limited to 'usr.bin/ssh/dh.c')
-rw-r--r-- | usr.bin/ssh/dh.c | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/usr.bin/ssh/dh.c b/usr.bin/ssh/dh.c index e94572de1c6..98f0fde2f05 100644 --- a/usr.bin/ssh/dh.c +++ b/usr.bin/ssh/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.51 2013/07/02 12:31:43 markus Exp $ */ +/* $OpenBSD: dh.c,v 1.52 2013/10/08 11:42:13 dtucker Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * @@ -349,17 +349,20 @@ dh_new_group14(void) /* * Estimates the group order for a Diffie-Hellman group that has an - * attack complexity approximately the same as O(2**bits). Estimate - * with: O(exp(1.9223 * (ln q)^(1/3) (ln ln q)^(2/3))) + * attack complexity approximately the same as O(2**bits). + * Values from NIST Special Publication 800-57: Recommendation for Key + * Management Part 1 (rev 3) limited by the recommended maximum value + * from RFC4419 section 3. */ int dh_estimate(int bits) { - + if (bits <= 112) + return 2048; if (bits <= 128) - return (1024); /* O(2**86) */ + return 3072; if (bits <= 192) - return (2048); /* O(2**116) */ - return (4096); /* O(2**156) */ + return 7680; + return 8192; } |