Join Log in
Score:3
user10433098 avatar Crypto

How does TLS 1.3 restrict the Diffie-Hellman parameters to ones that are known to be secure?

ml flag
user10433098

In previous versions of TLS, the choice of the Diffie-Hellman parameters was up to the participants. This resulted in some implementations choosing incorrectly, resulting in vulnerable implementations being deployed. How does TLS 1.3 takes this choice away?

How are the X(g^x mod p) and Y(g^y mod p) values determined when creating a pre master key in TLS 1.3?

433
1 + 1
dave_thompson_085 avatar
cn flag
dave_thompson_085
Dupe https://crypto.stackexchange.com/questions/87648/which-diffie-hellman-groups-does-tls-1-3-support- as Stack automatically pointed out in 'Related', and crossdupe https://security.stackexchange.com/questions/181820/why-does-tls-1-3-deprecate-custom-dhe-groups for 1.3 and https://security.stackexchange.com/questions/149811/why-is-mozilla-recommending-predefined-dhe-groups for earlier.
0
Reply
Score:4
poncho avatar Crypto
my flag
poncho

How does TLS 1.3 takes this choice away?

By having the client specify the DH group from the list of ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192 (which are specific 2048, 3072, 4096, 6144, 8192 bit DH groups); no other choices (other than some elliptic curve groups) are allowed. That is, neither side longer have a way to say 'hey, lets use this DH group that I just made up'.

How does the $X(g^x \bmod p)$ and $Y(g^y \bmod p)$ values are determined when creating a pre master key in TLS 1.3 ?

Those public keyshares are generated the same way - what's restricted is that $g, p$ are from a list of 5 possibilities.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.