disabledAlgorithms "DHE keySize < 1024" support?

Xuelei Fan xuelei.fan at oracle.com
Sat May 23 14:16:16 UTC 2015


On 5/23/2015 9:50 PM, Bernd Eckenfels wrote:
> Am Sat, 23 May 2015 08:30:26 +0800
> schrieb Xuelei Fan <xuelei.fan at oracle.com>:
> 
>> Please refer to the "Customizing Size of Ephemeral Diffie-Hellman
>> Keys" section of JSSE Reference Guide.
>>
>> http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html
> 
> Thanks Xulei, but I think this does not address the minimum accepted
> size of an client SSLSocket  (at least I could not see that in the
> description). It only allows to configure the server generated groups
> in the ServerKeyExchange. 
> 
> When setting jdk.tls.ephemeralDHKeySize=2048 I still can connect to
> https://dhe512.zmap.io/
> 
Right, it is impact the generation of DH keys.

I did not get your ideas in the previous mail.
"jdk.tls.disabledAlgorithms" is expected to work to disable weak DH keys
(for example, ""DHE keySize < 768").  Can you describe your concern more?

Thanks,
Xuelei

> Gruss
> Bernd
> 
> BTW in Regards to the Server side:
> 
> That document should mention that the parameter group is generated
> randomly on first use (matching DSA restrictions). It is a good thing
> there are no standard primes used, it would be better if they are
> constructed not specifically for DSA (as mentioned in the Logjam
> paper).
> 
> I can imagine that in the future for higher security mutual agreed
> parameter groups become more important, so let me point to
> http://bugs.java.com/view_bug.do?bug_id=4641806 as well.
> 



More information about the security-dev mailing list