mansourmoufid at gmail.com
Wed Jan 26 22:10:10 UTC 2011
> As a security precaution, care must be taken to ensure that we do not generate
> weak primes or known filtered primes. Both weak and filtered primes will
> undermine the TLS connection security properties. OpenSSH solves this issue
> dynamically in RFC 4419  and may provide a solution that works reasonably
> well for Tor. More research in this area including Miller-Rabin primality tests
> will need to be analyzed and probably added to Tor.
RFC 4419 suggests the Miller-Rabin test because it is efficient and
well-known. Perhaps Tor could use the AKS primality test, which is
also efficient, and deterministic.
More information about the tor-dev