
Wednesday 20 July 2016

Announcing my new OpenPGP public key.

For some reason (the previous one was too old, etc.), I generated a new OpenPGP key.

OpenPGP public key ID: 0xAE5264B5 (0x47F729A6AE5264B5)
OpenPGP public key fingerprint: 7221 4C4F D57C 456F 8E40 3257 47F7 29A6 AE52 64B5

I uploaded it a few minutes ago to several public servers (pgp.mit.edu for example), so it will be publicly available everywhere soon.


Wednesday 20 May 2015

Logjam attack

A new wide-impact cryptographic attack was published a few hours ago: Logjam.

It's an attack on the Diffie-Hellman key exchange mechanism, with impact:

  • on TLS/SSL if the EXPORT algorithms are still enabled and if the Diffie-Hellman parameters are shorter than 2048 bits;
  • on SSH when old versions of OpenSSH are still in use.

For this personal web site I have been using 8192-bit Diffie-Hellman parameters for some time now, so even if it may seem a high value I can at least consider myself on the safe side. ;-)

I'm wondering how Apache HTTPd users will get out of this particular risk: there is no way to select a fixed set of Diffie-Hellman parameters in the configuration, even in the 2.4 versions (the DH length is automatically chosen based on the length of the key in the certificate, see Ivan Ristić's explanation). Final thought on this subject: Nagios NRPE (the Nagios monitoring agent) still uses 512-bit DH parameters with ADH for the "security" of its communication with the monitoring station...