Diffie-Hellman question

Thomas Shaddack shaddack at ns.arachne.cz
Sun May 16 17:34:13 PDT 2004

I have a standard implementation of OpenSSL, with Diffie-Hellman prime in
the SSL certificate. The DH cipher suite is enabled.

Is it safe to keep one prime there forever, or should I rather
periodically regenerate it? Why? If yes, what's some sane period to do so:
day, week, month?

If the adversary has a log of a passively intercepted DHE-RSA-AES256-SHA
secured SSL communication, presuming the ephemeral key was correctly
generated and disposed of after the transaction, will the eventual
physical retrieval of the DH prime (and the rest of the certificate) allow
him to decode the captured log?

I am rather inexperienced in this area, don't want to make a mistake, and
generation of 2048-bit primes is CPU-hungry enough to not decide to just
throw it in without a good reason.

More information about the cypherpunks-legacy mailing list