Hacker News new | past | comments | ask | show | jobs | submit login

How much software has been updated to use stronger DH either ECC or 2048 bit prime field?

Is there an easy way to check if a VPN provider has updated?

The ASICs NSA built for breaking some common 1024 bit fields are probably breaking specific RSA keys now...




Run your private key through the second command here: http://etherhack.co.uk/asymmetric/docs/rsa_key_breakdown.htm...


[deleted]


Care to clarify why not?


Sorry, I thought this was a troll comment to get someone to upload their private key.


That was my first impression to. Why is that impression incorrect?


The "command" is a local command you can run, not a web service to upload keys to. So it's not an attempt to trick people into doing something dangerous (although it might not be a great idea to display private key material on your screen!).

But I'm not convinced that this command will answer the question; if you take the TLS analogy, you can have a client certificate with a 4096-bit RSA key but you can then use that to authenticate to a server with a 768-bit DH parameter! So these parameter sizes are independent.


Gotcha! Thank you :)


"man openssl"




Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: