2015-11-19 11:13 GMT+01:00 Piotr Kubaj <[email protected]>:
>> 4096 bit DH params will be pretty slow to handshake. Maybe that's
>> okay in your circumstance though since you seem to be using this
>> for a personal use and not expecting a high connection rate. You
>> also have an 8 kbit RSA self-signed certificate and using 256 bit
>> ciphers which increase TLS overhead.
> I want it to be secure, and I don't want to touch my settings for
> quite a while so I just took the strongest algorithms there are, and
> 2x recommended values for things like private key, or DH params. The
> hardware is pretty powerful and I've already checked that I don't have
> a huge load.
Take note that increasing the RSA size twice reduces the number of connections you can accept 10 times or more. For example, my quite powerful desktop with a recent CPU can accept 973 connections per second per core for RSA 2048, and 136 connections per second for RSA 4096. OpenSSL does not have tests for RSA 8192, but that would be in the order of a few connections per second. RSA 8192 is really overkill; it would be possible to DoS your server with a simple shell script ;)

If you want state-of-the-art cryptography you should probably use an ECDSA certificate, it will be both faster and more secure.

--
Janusz Dziemidowicz
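The drop from 973 to 136 connections per second, and the guess for RSA 8192 that `openssl speed` cannot measure, both follow from how the RSA private-key operation scales with modulus size. The script below is an added example, not code from the thread or from HAProxy: it times a CRT-style private-key operation on constructed random moduli (not real keys, since only the relative cost matters) and scales the figures quoted in the email to other key sizes.

```python
"""Estimate how RSA private-key cost grows with key size, to explain the
973 -> 136 conn/s drop quoted in the thread and to extrapolate to RSA 8192.
Uses Python big-int modular exponentiation on constructed random odd
moduli; these are not valid RSA keys, only cost stand-ins of the right size."""
import secrets
import time


def rsa_private_op_seconds(bits, runs=3):
    """Time one CRT-style RSA private-key operation for a `bits`-bit modulus.

    A real RSA private-key operation (CRT) is two modular exponentiations,
    each modulo a prime of bits/2 and with an exponent of about bits/2.
    Random odd values of the same sizes cost the same, so no primes are
    generated here. Returns the fastest of `runs` timings, in seconds."""
    half = bits // 2
    p = secrets.randbits(half) | (1 << (half - 1)) | 1   # constructed stand-in for prime p
    q = secrets.randbits(half) | (1 << (half - 1)) | 1   # constructed stand-in for prime q
    dp = secrets.randbits(half) | 1                      # constructed CRT exponent d mod (p-1)
    dq = secrets.randbits(half) | 1                      # constructed CRT exponent d mod (q-1)
    c = secrets.randbits(bits - 1)                       # constructed input (ciphertext/hash)
    best = float("inf")
    for _ in range(runs):
        t0 = time.perf_counter()
        pow(c % p, dp, p)
        pow(c % q, dq, q)
        best = min(best, time.perf_counter() - t0)
    return best


def projected_handshakes_per_sec(measured_rate, measured_bits, target_bits):
    """Scale a measured connections/sec figure (e.g. the email's 973/s at
    RSA 2048) to another key size using the locally measured cost ratio.
    This bounds handshakes/sec/core, since every full RSA handshake needs
    at least one private-key operation on the server."""
    ratio = rsa_private_op_seconds(target_bits) / rsa_private_op_seconds(measured_bits)
    return measured_rate / ratio


if __name__ == "__main__":
    for bits in (2048, 4096, 8192):
        print(f"RSA-{bits}: {rsa_private_op_seconds(bits) * 1e3:.1f} ms per private-key op")
    # The thread's figures: 973 conn/s at 2048 bits, 136 conn/s at 4096 bits.
    print(f"Projected capacity at 8192 bits, scaled from the 4096-bit figure: "
          f"{projected_handshakes_per_sec(136, 4096, 8192):.0f} conn/s/core")
```

The absolute numbers are far slower than OpenSSL's assembly, so only the ratio between key sizes is meaningful; an ECDSA P-256 signature, which the reply recommends instead, is on the order of a 256-bit operation and is not modelled here.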

