Bug #11968

OpenSSL extension only supports weak (512-bit, 1024-bit) Diffie-Hellman groups

Added by bascule (Tony Arcieri) over 3 years ago. Updated over 3 years ago.

Status: Closed
Priority: Normal
Assignee: -
Target version: -
[ruby-core:72766]

Description

The following D-H groups are enabled per default:

https://github.com/ruby/ruby/blob/trunk/ext/openssl/lib/openssl/pkey.rb

These use 512-bit and 1024-bit primes respectively. These are considered weak in 2015 by all present methods of evaluating D-H group size as a security parameter:

http://www.keylength.com/

Weak D-H groups like this were recently implicated in the Logjam attack:

https://weakdh.org/

512-bit D-H keys in particular can be trivially attacked by commodity hardware. I have put in a PR to the openssl gem to remove the 512-bit group:

https://github.com/ruby/openssl/pull/44

However, the 1024-bit group is weak as well. The recommendation of the Logjam paper authors is to upgrade to a 2048-bit group at the minimum.
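A size guard following the 2048-bit recommendation above, as an added example that is not part of the original report or of the openssl gem: it classifies a group by the bit length of its prime and wraps a `tmp_dh_callback`-style lambda so that a group below the minimum is refused. `MIN_DH_BITS`, `WeakDHGroup`, `placeholder_group`, `dh_strength`, `guarded_dh_callback` and `LEGACY_CALLBACK` are hypothetical names, and the placeholder moduli are constructed for their size only (they are not prime).

```ruby
require "openssl"

# Minimum group size the report cites from the Logjam authors.
MIN_DH_BITS = 2048

class WeakDHGroup < StandardError; end

# CONSTRUCTED size-only stand-in: an odd modulus of exactly `bits` bits, g = 2.
# It is not prime and must never be used for a real key exchange.
def placeholder_group(bits)
  modulus = (1 << (bits - 1)) | 1
  seq = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::Integer(modulus.to_bn),
                                 OpenSSL::ASN1::Integer(2.to_bn)])
  OpenSSL::PKey::DH.new(seq.to_der) # DER-encoded DHParameter { p, g }
end

# Classify a group by the bit length of its prime modulus p.
def dh_strength(dh)
  bits = dh.p.num_bits
  return :trivial if bits <= 512      # attackable on commodity hardware
  bits < MIN_DH_BITS ? :weak : :ok    # a 1024-bit group lands in :weak
end

# Wrap a tmp_dh_callback-style lambda so it fails closed instead of
# handing a sub-minimum group to the handshake.
def guarded_dh_callback(inner)
  lambda do |ssl, is_export, keylen|
    dh = inner.call(ssl, is_export, keylen)
    verdict = dh.nil? ? :missing : dh_strength(dh)
    unless verdict == :ok
      bits = dh ? dh.p.num_bits : 0
      raise WeakDHGroup, "refusing #{bits}-bit DH group (#{verdict}), minimum is #{MIN_DH_BITS}"
    end
    dh
  end
end

# Hypothetical legacy callback that picks a group by the requested key length.
LEGACY_CALLBACK = ->(_ssl, _is_export, keylen) { placeholder_group(keylen) }

if __FILE__ == $PROGRAM_NAME
  guarded = guarded_dh_callback(LEGACY_CALLBACK)
  [512, 1024, 2048].each do |keylen|
    begin
      puts "#{keylen}: accepted #{guarded.call(nil, false, keylen).p.num_bits}-bit group"
    rescue WeakDHGroup => e
      puts "#{keylen}: #{e.message}"
    end
  end
end
```

The wrapped lambda can be assigned to `OpenSSL::SSL::SSLContext#tmp_dh_callback=`; the size check does not validate that the parameters themselves are well formed.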

Associated revisions

Revision 55cb1b5e
Added by hsbt (Hiroshi SHIBATA) over 3 years ago

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53531 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 53531
Added by hsbt (Hiroshi SHIBATA) over 3 years ago

History

#2

Updated by hsbt (Hiroshi SHIBATA) over 3 years ago

  • Status changed from Open to Closed

Applied in changeset r53531.

