|
|
f09e2e |
diff -U0 openssh-6.3p1/ChangeLog.df openssh-6.3p1/ChangeLog
|
|
|
f09e2e |
--- openssh-6.3p1/ChangeLog.df 2013-10-23 22:38:03.476272461 +0200
|
|
|
f09e2e |
+++ openssh-6.3p1/ChangeLog 2013-10-23 22:39:46.051788366 +0200
|
|
|
f09e2e |
@@ -0,0 +1,8 @@
|
|
|
f09e2e |
+20131010
|
|
|
f09e2e |
+ - dtucker@cvs.openbsd.org 2013/10/08 11:42:13
|
|
|
f09e2e |
+ [dh.c dh.h]
|
|
|
f09e2e |
+ Increase the size of the Diffie-Hellman groups requested for a each
|
|
|
f09e2e |
+ symmetric key size. New values from NIST Special Publication 800-57 with
|
|
|
f09e2e |
+ the upper limit specified by RFC4419. Pointed out by Peter Backes, ok
|
|
|
f09e2e |
+ djm@.
|
|
|
f09e2e |
+
|
|
|
f09e2e |
diff -up openssh-6.3p1/dh.c.df openssh-6.3p1/dh.c
|
|
|
f09e2e |
--- openssh-6.3p1/dh.c.df 2013-07-18 08:12:07.000000000 +0200
|
|
|
f09e2e |
+++ openssh-6.3p1/dh.c 2013-10-23 22:38:03.476272461 +0200
|
|
|
f09e2e |
@@ -1,4 +1,4 @@
|
|
|
f09e2e |
-/* $OpenBSD: dh.c,v 1.51 2013/07/02 12:31:43 markus Exp $ */
|
|
|
f09e2e |
+/* $OpenBSD: dh.c,v 1.52 2013/10/08 11:42:13 dtucker Exp $ */
|
|
|
f09e2e |
/*
|
|
|
f09e2e |
* Copyright (c) 2000 Niels Provos. All rights reserved.
|
|
|
f09e2e |
*
|
|
|
f09e2e |
@@ -352,17 +352,20 @@ dh_new_group14(void)
|
|
|
f09e2e |
|
|
|
f09e2e |
/*
|
|
|
f09e2e |
* Estimates the group order for a Diffie-Hellman group that has an
|
|
|
f09e2e |
- * attack complexity approximately the same as O(2**bits). Estimate
|
|
|
f09e2e |
- * with: O(exp(1.9223 * (ln q)^(1/3) (ln ln q)^(2/3)))
|
|
|
f09e2e |
+ * attack complexity approximately the same as O(2**bits).
|
|
|
f09e2e |
+ * Values from NIST Special Publication 800-57: Recommendation for Key
|
|
|
f09e2e |
+ * Management Part 1 (rev 3) limited by the recommended maximum value
|
|
|
f09e2e |
+ * from RFC4419 section 3.
|
|
|
f09e2e |
*/
|
|
|
f09e2e |
|
|
|
f09e2e |
int
|
|
|
f09e2e |
dh_estimate(int bits)
|
|
|
f09e2e |
{
|
|
|
f09e2e |
-
|
|
|
f09e2e |
+ if (bits <= 112)
|
|
|
f09e2e |
+ return 2048;
|
|
|
f09e2e |
if (bits <= 128)
|
|
|
f09e2e |
- return (1024); /* O(2**86) */
|
|
|
f09e2e |
+ return 3072;
|
|
|
f09e2e |
if (bits <= 192)
|
|
|
f09e2e |
- return (2048); /* O(2**116) */
|
|
|
f09e2e |
- return (4096); /* O(2**156) */
|
|
|
f09e2e |
+ return 7680;
|
|
|
f09e2e |
+ return 8192;
|
|
|
f09e2e |
}
|
|
|
f09e2e |
diff -up openssh-6.3p1/dh.h.df openssh-6.3p1/dh.h
|
|
|
f09e2e |
--- openssh-6.3p1/dh.h.df 2008-06-29 14:47:04.000000000 +0200
|
|
|
f09e2e |
+++ openssh-6.3p1/dh.h 2013-10-23 22:38:03.476272461 +0200
|
|
|
f09e2e |
@@ -1,4 +1,4 @@
|
|
|
f09e2e |
-/* $OpenBSD: dh.h,v 1.10 2008/06/26 09:19:40 djm Exp $ */
|
|
|
f09e2e |
+/* $OpenBSD: dh.h,v 1.11 2013/10/08 11:42:13 dtucker Exp $ */
|
|
|
f09e2e |
|
|
|
f09e2e |
/*
|
|
|
f09e2e |
* Copyright (c) 2000 Niels Provos. All rights reserved.
|
|
|
f09e2e |
@@ -43,6 +43,7 @@ int dh_pub_is_valid(DH *, BIGNUM *);
|
|
|
f09e2e |
|
|
|
f09e2e |
int dh_estimate(int);
|
|
|
f09e2e |
|
|
|
f09e2e |
+/* Min and max values from RFC4419. */
|
|
|
f09e2e |
#define DH_GRP_MIN 1024
|
|
|
f09e2e |
#define DH_GRP_MAX 8192
|
|
|
f09e2e |
|