mbedtls

History

Janos Follath bea98b4581 Remove Diffie-Hellman examples These examples rely on the NET module, which we want to remove. In theory we could remove just the dependency, but we decided to remove the whole example because: - They showcase some bad crypto: custom, undocumented protocol (not obviously broken though, apart from authenticating only one side); hard-coded limit of 512-bit size for the DH modulus (2048 is the recommended minimum these days); direct use of the shared secret as a key (instead of applying a KDF); encryption with ECB, custom parameters and the client not having the ability to verify them. - The programs use the DH API in the same way that TLS does, so they have limited demonstration value. - The programs only show finite-field DH, which is not used all that much these days. What people want to see is mostly ECDH.	2019-03-06 15:39:48 +00:00
..
VS2010	Remove Diffie-Hellman examples	2019-03-06 15:39:48 +00:00

Janos Follath bea98b4581 Remove Diffie-Hellman examples

These examples rely on the NET module, which we want to remove. In
theory we could remove just the dependency, but we decided to remove the
whole example because:

 - They showcase some bad crypto: custom, undocumented protocol (not
   obviously broken though, apart from authenticating only one side);
   hard-coded limit of 512-bit size for the DH modulus (2048 is the
   recommended minimum these days); direct use of the shared secret as a
   key (instead of applying a KDF); encryption with ECB, custom
   parameters and the client not having the ability to verify them.
 - The programs use the DH API in the same way that TLS does, so they
   have limited demonstration value.
 - The programs only show finite-field DH, which is not used all that
   much these days. What people want to see is mostly ECDH.

2019-03-06 15:39:48 +00:00

VS2010

Remove Diffie-Hellman examples

2019-03-06 15:39:48 +00:00