Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice

by alanfranzonion 12/20/2018, 3:44:24 PM with 10 comments
  • by samirmon 12/20/2018, 7:37:59 PM

    Strange that they recommend an elliptic-curve based implementation considering it's not quantum resistant.

  • by lernoon 12/21/2018, 8:49:04 AM

    Wow, people using 512 bit keysizes in 2018??

    Back in 2014 I got the recommendation to ditch 2048 in favor of 4096.

  • by jeffreydpayneon 12/20/2018, 5:23:07 PM

    This is relevant to my interests. Thank God we're already using ECC for everything.

  • by gregschlomon 12/20/2018, 5:35:19 PM

    I'm confused... Wasn't all that published in 2015 already?

    Edit: ah it says it right there on this article: The full version of this paper was published in Proceedings of the 22nd Conference on Computer and Communications Security (CCS), October 2015, ACM

    Mods, maybe add a "2015" to the title?

  • by dweeklyon 12/20/2018, 5:31:24 PM

    Working link http://sci-hub.se/downloads/17ae/10.1145@3292035.pdf

  • by dadrianon 12/20/2018, 5:24:13 PM

    https://weakdh.org/imperfect-forward-secrecy.pdf

  • by toshon 12/20/2018, 5:12:44 PM

    https://dl.acm.org/citation.cfm?doid=2810103.2813707

  • by pfortunyon 12/20/2018, 5:05:44 PM

    localhost? wrong redirect?

  • by antoineMoPaon 12/20/2018, 5:49:42 PM

    So that thing I learned last semester is useless?