from Hacker News

Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice

by alanfranzoni on 12/20/18, 3:44 PM with 34 comments

• by samirm on 12/20/18, 7:37 PM

  Strange that they recommend an elliptic-curve based implementation considering it's not quantum resistant.

• by lerno on 12/21/18, 8:49 AM

  Wow, people using 512 bit keysizes in 2018??

  Back in 2014 I got the recommendation to ditch 2048 in favor of 4096.

• by jeffreydpayne on 12/20/18, 5:23 PM

  This is relevant to my interests. Thank God we're already using ECC for everything.

• by gregschlom on 12/20/18, 5:35 PM

  I'm confused... Wasn't all that published in 2015 already?

  Edit: ah it says it right there on this article: The full version of this paper was published in Proceedings of the 22nd Conference on Computer and Communications Security (CCS), October 2015, ACM

  Mods, maybe add a "2015" to the title?

• by dweekly on 12/20/18, 5:31 PM

  Working link http://sci-hub.se/downloads/17ae/10.1145@3292035.pdf

• by dadrian on 12/20/18, 5:24 PM

  https://weakdh.org/imperfect-forward-secrecy.pdf

• by tosh on 12/20/18, 5:12 PM

  https://dl.acm.org/citation.cfm?doid=2810103.2813707

• by pfortuny on 12/20/18, 5:05 PM

  localhost? wrong redirect?

• by antoineMoPa on 12/20/18, 5:49 PM

  So that thing I learned last semester is useless?