[tor-bugs] #6088 [Tor Relay]: Gather data about possible transition to 2048bit RSA/DHE
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Jun 14 23:57:15 UTC 2012
#6088: Gather data about possible transition to 2048bit RSA/DHE
-------------------------+--------------------------------------------------
Reporter: ioerror | Owner: ioerror
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor Relay | Version: Tor: unspecified
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by ioerror):
Ivan wrote back and he says:
{{{
I may have the data already; have a look at the samples below. Each of
these is the contents of a "suites" field. DH parameters are recorded
when offered by the server.
To calculate the strength, multiply DH_p by 8.
10080; 20080; 30080; 40080; 60040; 700c0; 80080; 3; 4; 5; 6; 8; 9; a; 14
(DH_p 64, DH_g 1, DH_Ys 64); 15 (DH_p 128, DH_g 1, DH_Ys 128); 16 (DH_p
128, DH_g 1, DH_Ys 128); 2f; 33 (DH_p 128, DH_g 1, DH_Ys 128); 35; 39
(DH_p 128, DH_g 1, DH_Ys 128);
a; 16 (DH_p 128, DH_g 1, DH_Ys 128); 2f; 33 (DH_p 128, DH_g 1, DH_Ys
128); 35; 39 (DH_p 128, DH_g 1, DH_Ys 128); 41; 45 (DH_p 128, DH_g 1,
DH_Ys 128); 84; 88 (DH_p 128, DH_g 1, DH_Ys 128);
4; 5; a; 16 (DH_p 128, DH_g 1, DH_Ys 128); 2f; 33 (DH_p 128, DH_g 1,
DH_Ys 128); 35; 39 (DH_p 128, DH_g 1, DH_Ys 128);
a; 16 (DH_p 128, DH_g 1, DH_Ys 128); 2f; 33 (DH_p 128, DH_g 1, DH_Ys
128); 35; 39 (DH_p 128, DH_g 1, DH_Ys 128);
a; 16 (DH_p 128, DH_g 1, DH_Ys 128); 2f; 33 (DH_p 128, DH_g 1, DH_Ys
128); 35; 39 (DH_p 128, DH_g 1, DH_Ys 128);
a; 16 (DH_p 128, DH_g 1, DH_Ys 128); 2f; 33 (DH_p 128, DH_g 1, DH_Ys
128); 35; 39 (DH_p 128, DH_g 1, DH_Ys 128);
4; 5; a; 16 (DH_p 128, DH_g 1, DH_Ys 128); 2f; 33 (DH_p 128, DH_g 1,
DH_Ys 128); 35; 39 (DH_p 128, DH_g 1, DH_Ys 128);
Here are some crude stats:
- There are 215,607 in my database
- 118,641 hostnames support DH in some form
- 311 have DH_p of 256.
...
So the number may be 314
I plan to release my raw data to everyone next week.
}}}
So we're good with RSA 2048bit but we're not so good with the thing that
REALLY matters which is 2048bit DH. :( Shit luck!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6088#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list