Replacing the EDH SKIP primes - Mailing list pgsql-hackers

From Daniel Gustafsson
Subject Replacing the EDH SKIP primes
Date
Msg-id 5E60AC9A-CB10-4851-9EF2-7209490A164C@yesql.se
Whole thread Raw
Responses Re: Replacing the EDH SKIP primes
Re: Replacing the EDH SKIP primes
List pgsql-hackers
The current hardcoded EDH parameter fallback use the old SKIP primes, for which
the source disappeared from the web a long time ago.  Referencing a known dead
source seems a bit silly, so I think we should either switch to a non-dead
source of MODP primes or use an archive.org link for SKIP.  Personally I prefer
the former.

This was touched upon, but never really discussed AFAICT, back when then EDH
parameters were reworked a few years ago.  Instead of replacing with custom
ones, as suggested in [1] it we might as well replace with standardized ones as
this is a fallback.  Custom ones wont make it more secure, just add more work
for the project.  The attached patch replace the SKIP prime with the 2048 bit
MODP group from RFC 3526, which is the same change that OpenSSL did a few years
back [2].

cheers ./daniel

[1] https://www.postgresql.org/message-id/54f44984-2f09-8744-927f-140a90c379dc%40ohmu.fi
[2] https://github.com/openssl/openssl/commit/fb015ca6f05e09b11a3932f89d25bae697c8af1e


Attachment

pgsql-hackers by date:

Previous
From: Adrien Nayrat
Date:
Subject: Re: idea: log_statement_sample_rate - bottom limit for sampling
Next
From: Peter Eisentraut
Date:
Subject: fix "Success" error messages