This is a copy from https://bugzilla.redhat.com/show_bug.cgi?id=1062925
Use at least 15360 bits group size for Discrete Logarithm Diffie-Hellman if you use a 256 bit block cipher. See various standards (especially NIST) cited at http://www.keylength.com/ This is not possible with openssl, because (see bug https://bugzilla.redhat.com/show_bug.cgi?id=1010607) "their crypto/dh/dh.h file has: #ifndef OPENSSL_DH_MAX_MODULUS_BITS # define OPENSSL_DH_MAX_MODULUS_BITS 10000 #endif" it should be 65536. Possibly, other changes need to be made to enable the use of such large groups. -- Peter Backes, r...@helen.plasma.xg8.de ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
