[Security] TLS Certificates Verification

Eric Rescorla ekr at rtfm.com
Wed Aug 20 12:06:17 CDT 2008


On Wed, Aug 20, 2008 at 10:04 AM, Jonathan Schleifer
<js-xmpp-security at webkeks.org> wrote:
> "Eric Rescorla" <ekr at rtfm.com> wrote:
>
>> To sharpen this point a little:
>> If you're using Diffie-Hellman, the cost of computing ZZ (the shared
>> key) is rather higher than the cost of generating your own key out of
>> a known group. Similarly, the cost of generating a DSA key out of a
>> known group is quite low. In other words, if the cost of initial key
>> generation at installation time is unacceptable, then you most likely
>> can't do asymmetric cryptography to establish connections either.
>
> Well, DH on that machine never took an hour :).
> It might as well be a bug in GNUTLS, though.

The computational requirements are as I have stated. I have no idea
what the implementation choices of the various tools you are using are.

-Ekr


More information about the Security mailing list