[OTR-users] DH moduli & AES keysize

Jason Cohen jcohen07 at brandeis.edu
Tue Mar 29 16:09:56 EST 2005


The WPES 2004 paper states that under the current protocol a person can
send and receive up to 18 messages per second (36 messages total) on a
450 MHz Pentium IIII. Thus, it would seem that even on a slow machine
2048-bit DH moduli wouldn't add a great deal of latency. 450 MHz
machines are also on the low end of what is generally used for desktops.
Most PCs are 2-3 years old and 450 MHz processors are at least 4-5 if I
remember correctly.

Does anyone happen to have performance tests for 2048- or 3072-bit DH
moduli? Could I test this myself?

Jason

>The hard part is of course not in using a different value of p.  1536
>bits was chosen so as to reduce message latency and size overhead, while
>providing sufficient security.  Remember that you and your buddy have to
>use the same value of p, so if there's more than one available, you need
>an extra step to negotiate it, and this also opens you up to "rollback"
>attacks.
>
>If we're going to allow larger DH moduli, we'll almost certainly just
>specify the ones in RFC 3526, rather than making users generate their
>own, anyway.
>
>   - Ian
>
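
A rough way to measure what the message asks about, as an added example that is not part of the original post or of the OTR code base: it times complete Diffie-Hellman agreements at 1536, 2048 and 3072 bits and reports the size of each public value. Assumptions: the moduli are constructed random odd integers of the right length rather than the RFC 3526 primes (enough for timing, not for security), the 320-bit private exponent is a value chosen for illustration, and Python's big-integer arithmetic stands in for whatever library a real client uses.

```python
import secrets
import time


def constructed_modulus(bits):
    """Random odd integer with the top bit set. A constructed stand-in for
    timing only; it is NOT a safe prime and must never be used for real DH."""
    return secrets.randbits(bits) | (1 << (bits - 1)) | 1


def private_exponent(exp_bits):
    """Random exponent of exactly exp_bits bits (length is an assumption)."""
    return secrets.randbits(exp_bits) | (1 << (exp_bits - 1))


def dh_exchange(p, g=2, exp_bits=320):
    """One full agreement: both sides generate a public value and derive
    the shared secret, i.e. four modular exponentiations in total."""
    a, b = private_exponent(exp_bits), private_exponent(exp_bits)
    pub_a, pub_b = pow(g, a, p), pow(g, b, p)
    return pow(pub_b, a, p), pow(pub_a, b, p)


def benchmark(bits, rounds=20, exp_bits=320):
    """Average wall-clock cost of one agreement for a modulus of `bits`."""
    p = constructed_modulus(bits)
    start = time.perf_counter()
    for _ in range(rounds):
        secret_a, secret_b = dh_exchange(p, exp_bits=exp_bits)
        if secret_a != secret_b:
            raise RuntimeError("DH agreement failed")
    elapsed = time.perf_counter() - start
    return {
        "bits": bits,
        "ms_per_exchange": 1000.0 * elapsed / rounds,
        # Each public value sent on the wire is as long as the modulus.
        "public_value_bytes": (bits + 7) // 8,
    }


def compare(sizes=(1536, 2048, 3072), rounds=20):
    """Benchmark every modulus size in `sizes`, in order."""
    return [benchmark(bits, rounds) for bits in sizes]


if __name__ == "__main__":
    for row in compare():
        print("%(bits)5d bits: %(ms_per_exchange)8.3f ms/exchange, "
              "%(public_value_bytes)d-byte public value" % row)
```

Absolute timings depend on the machine and the bignum implementation, so the ratio between sizes is the more useful figure.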



