Of course, DHE can provide forward secrecy. The only catch is that you have to custom-generate strong parameters and rotate them regularly.
@ivanristic Even for 2048-bit? seems overkill. Protocols like IPSEC have the group coded into the spec too.
-
-
@colmmacc In practice? No. For the sake of an argument, why not minimise the amount of data protected by the same DH parameters? -
@ivanristic potential entropy leak, dangerous with bad RNGs, more code == more chance of error, generators can be slow and broken too. - 7 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.