18 Feb
2016
18 Feb
'16
10:08 a.m.
Observe that reusage of group parameters in DH appears common: Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf p.3 Table 1: Top 512-bit DH primes for TLS. 8.4% of Alexa Top 1M HTTPS domains allow DHE_EXPORT, of which 92.3% use one of the two most popular primes, shown here.