[tor-talk] [Cryptography] 1024 bit DH still common in Tor network
Nick Mathewson
nickm at alum.mit.edu
Sat Sep 7 02:28:22 UTC 2013
On Fri, Sep 6, 2013 at 4:35 PM, Eugen Leitl <eugen at leitl.org> wrote:
> ----- Forwarded message from "Perry E. Metzger" <perry at piermont.com> -----
>
> Date: Fri, 6 Sep 2013 16:34:10 -0400
> From: "Perry E. Metzger" <perry at piermont.com>
> To: cryptography at metzdowd.com
> Subject: [Cryptography] 1024 bit DH still common in Tor network
> X-Mailer: Claws Mail 3.9.0 (GTK+ 2.24.20; x86_64-apple-darwin12.4.0)
>
> Summary: blog posting claims most of the Tor network is still running
> older software that uses 1024 bit Diffie-Hellman.
>
> http://blog.erratasec.com/2013/09/tor-is-still-dhe-1024-nsa-crackable.html
>
> I'm not sure how cheap it actually would be to routinely crack DH key
> exchanges, but it does seem like it would be valuable for
> most Tor nodes to be running newer software anyway.
Yup. Please upgrade, people. 0.2.4 is looking pretty good right now,
and I'd recommend it strongly over 0.2.3 or a variety of reasons, not
limited to this.
yrs,
--
Nick
More information about the tor-talk
mailing list