Type: Enhancement
Resolution: Won't Fix
Priority: P4
Summary
-------
Support DH and DSA parameter generation in Keytool.
Non-Goals
---------
It is not a goal to support DH and DSA parameter generation in JCE providers.
Success Metrics
---------------
Support generation of safe-prime DH groups (up to 81920 bits) and DSA parameters (up to 3072 bits) in Keytool.
Motivation
----------
The key length is an important security parameter in determining the strength of public-key cryptographic algorithms. As cryptanalysis advances, the industry needs stronger key strengths. HTTP/2 (RFC 7540) requires that clients MUST accept ephemeral finite field Diffie-Hellman (DHE) sizes up to 4096 bits. TLS 1.3 is proposing to support DHE sizes up to 8192 bits. NIST FIPS 186-4 is proposing 3072-bit DSA parameters. However, generating large DH groups and DSA parameters can be extremely slow, so in general pre-computed values are used in protocols and applications. Additionally, DH key exchanges are recommended to use safe-prime groups. This calls for a tool that can generate qualified DH and DSA parameters.
Description
-----------
Add DH and DSA parameter generation options to the JDK Keytool.
Testing
-------
1. Test that keytool can generate DH groups with DH generator 2 or 5.
2. Test that the generated DH groups are safe primes.
3. Test that the DH parameter generation can support groups up to 8192 bits.
4. Test that the DSA parameter generation can support primes up to 3072 bits.
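As an added example, not part of this JEP or of the JDK, the checks that test items 1, 2 and 4 describe, written out in Python: whether a DH group (p, g) is a safe-prime group, whether a generator such as 2 or 5 lands in the order-q subgroup or in the full group, the analogous DSA domain-parameter check, and a toy safe-prime generator that shows why large groups are slow to produce. The function names and the small values used for illustration (p = 23, q = 11) are constructed here, not taken from keytool.

```python
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Trial division by small primes, then Miller-Rabin with random bases."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2  # random base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # base a witnesses that n is composite
    return True


def is_safe_prime(p: int) -> bool:
    """A safe prime p has q = (p - 1) / 2 prime as well (test item 2)."""
    return p > 5 and is_probable_prime(p) and is_probable_prime((p - 1) // 2)


def check_dh_group(p: int, g: int) -> str:
    """'subgroup-q': g has order q (preferred); 'full-group': order 2q (g^x
    reveals the parity of x); 'invalid': p not a safe prime or g out of range."""
    if not is_safe_prime(p) or not 1 < g < p - 1:
        return "invalid"
    return "subgroup-q" if pow(g, (p - 1) // 2, p) == 1 else "full-group"


def check_dsa_params(p: int, q: int, g: int) -> bool:
    """DSA domain parameters: p, q prime, q | p - 1, g generates the order-q subgroup."""
    return (is_probable_prime(p) and is_probable_prime(q) and (p - 1) % q == 0
            and 1 < g < p and pow(g, q, p) == 1)


def generate_safe_prime(bits: int) -> int:
    """Safe prime of exactly `bits` bits; quick for toy sizes, very slow at 2048+."""
    while True:  # candidate q: odd, top bit set, so p = 2q + 1 is `bits` long
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1
```

For a real group, feed the p and g printed by keytool (or any PEM-decoded DH parameters) to check_dh_group; with p = 23 the generator 2 lands in the order-q subgroup while 5 generates the full group.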