Re: Ephemeral RSA (was Re: [TLS] Any advice regarding frequency
Whyte, William wrote:
>
> RSA keys take a long time to generate, so it's not clear that this
> would have any significant advantages over ephemeral DH.
One of the advantages is that the code is already there and most
of it is interoperability-tested, because the RSA_EXPORT key exchange
method requires an ephemeral RSA keypair for use with certs
that have RSA keys >512 bits.
There is no requirement to generate a new ephemeral RSA keypair on every
SSL handshake. It should be perfectly sufficient for a TLS server
to re-generate an ephemeral keypair out-of-band like once per hour.
SSHD in daemon mode uses a similar approach.
-Martin
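The rotation scheme Martin describes, sketched as an added Go example (not code from this thread or from any TLS implementation): the server keeps one live ephemeral RSA keypair, a background ticker calls Rotate (hourly, as suggested; the first call at startup creates the initial key), and the handshake path only reads the key through Current, so it never waits on key generation. The EphemeralRSA type, its field names and the ticker-driven Rotate call are assumptions of this example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"sync"
	"time"
)

// EphemeralRSA holds a server's live ephemeral RSA keypair. The expensive step,
// key generation, happens in Rotate, driven by a background ticker (hourly in
// the post's suggestion); each handshake only calls Current for a cheap read.
type EphemeralRSA struct {
	mu        sync.RWMutex
	key       *rsa.PrivateKey // nil until the first Rotate at startup
	createdAt time.Time
	Bits      int
	Interval  time.Duration
}

// Rotate generates the first key, and afterwards replaces it once it is older
// than Interval, reporting whether it did. Call it from a ticker goroutine,
// never from the handshake path; on error the previous key stays in service.
func (e *EphemeralRSA) Rotate(now time.Time) (bool, error) {
	e.mu.RLock()
	due := e.key == nil || now.Sub(e.createdAt) >= e.Interval
	e.mu.RUnlock()
	if !due {
		return false, nil
	}
	k, err := rsa.GenerateKey(rand.Reader, e.Bits) // slow; done without the lock
	if err != nil {
		return false, err
	}
	e.mu.Lock() // only the pointer swap is locked, so handshakes never wait on keygen
	e.key, e.createdAt = k, now
	e.mu.Unlock()
	return true, nil
}

// Current is what a handshake calls to obtain the live ephemeral key.
func (e *EphemeralRSA) Current() *rsa.PrivateKey {
	e.mu.RLock()
	defer e.mu.RUnlock()
	return e.key
}
```

A shorter Interval also bounds how many sessions a single leaked ephemeral key could expose, which is the other reason to rotate rather than keep one key for the server's lifetime.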
_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls