Skip to content

Commit

Permalink
DH.new_parameters (#18)
Browse files Browse the repository at this point in the history 
Update documentation of DH.new_parameters to reflect state of the art.

According to the paper https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf,
1024 is not enough but 2048 is a reasonable value.
  • Loading branch information
@UnixJunkie @xavierleroy
UnixJunkie authored and xavierleroy committed Sep 29, 2019
1 parent 0ba67c2 commit 1fa8398
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/cryptokit.mli
View file
Original file line number Diff line number Diff line change
Expand Up @@ -861,7 +861,7 @@ module DH: sig
(** Generate a new set of Diffie-Hellman parameters.
The non-optional argument is the size in bits of the [p] parameter.
It must be large enough that the discrete logarithm problem modulo
[p] is computationally unsolvable. 1024 is a reasonable value.
[p] is computationally unsolvable. 2048 is a reasonable value.
The optional [rng] argument specifies a random number generator
to use for generating the parameters; it defaults to
{!Cryptokit.Random.secure_rng}. The optional [privlen] argument
Expand Down

0 comments on commit 1fa8398

Please sign in to comment.