[tor-talk] How the NSA breaks Diffie-Hellmann

aka akademiker1 at googlemail.com
Wed Oct 21 13:46:50 UTC 2015


Are curve25519 and ed25519 assumed "secure"? Both are not included in
cookie cutter crypto libraries like openssl, hence less applications
using them. I don't know how to feel about algorithms only used in
OpenSSH, Tor, i2p and GNUnet.

Lluís wrote:
> Pretty reassuring and comforting. :))
> 
> Lluís
> 
> Nick Mathewson:
>> On Tue, Oct 20, 2015 at 4:52 AM, Lluís <2015.msl at gmail.com> wrote:
>>> I understand, from a post to this list, than tor is switching from RSA
>>> to elliptic curve key generation.
>>>
>>> What would we expect from that update ?
>>>
>>
>> For encryption, it already happened back in 0.2.4, with the
>> introduction of the ntor protocol.  (And with the use of ecdhe in tls
>> where available.)
>>
>> The remaining use of RSA is for authentication, and should be mostly
>> phased out over the next 8 months.
>>


More information about the tor-talk mailing list