Of course, DHE can provide forward secrecy. The only catch is that you have to custom-generate strong parameters and rotate them regularly.
Replying to @ivanristic
@ivanristic Even for 2048-bit? seems overkill. Protocols like IPSEC have the group coded into the spec too.
@ivanristic potential entropy leak, dangerous with bad RNGs, more code == more chance of error, generators can be slow and broken too.
@ivanristic Security is trade-offs, so all trade-off arguments sound like that and are judgement calls :/ In this case risk/reward seems low
@ivanristic If 2048-bit is easy to break, then it's likely that RSA is too. At that point it's best to have alg diversity. RSA + ECDHE
@ivanristic I wish that were true. Still a lot of non-PFS traffic :(
2:56 PM - 17 Jun 2015