Nikos Mavrogiannopoulos <nmav@gnutls.org> writes:

> At least for TLS, weak key checking is not that important due to low probability of selecting one, to be of any practical concern.

In lsh, I disconnect when a weak key is detected.
The problem with relying on "low probability" is that unless you generate the random key all by yourself, you need that probability to be low also in the presence of any possible attacks on the key agreement protocol. The analysis needed to rule out such attacks may cause some headache, which you can avoid by simply refusing to use weak keys if they ever occur.

Regards,
/Niels