[#MDEV-8352] Increase Diffie-Helman modulus to 2048-bits

[MDEV-8352] Increase Diffie-Helman modulus to 2048-bits Created: 2015-06-22 Updated: 2015-07-31 Resolved: 2015-07-28
Status:	Closed
Project:	MariaDB Server
Component/s:	SSL
Fix Version/s:	5.5.45, 10.0.21

Type:

Task

Priority:

Critical

Reporter:

Ian Gilfillan

Assignee:

Sergei Golubchik

Resolution:

Fixed

Votes:

Labels:

None

Sprint:

5.5.45

Description

Debian reported a bug in an older version of MariaDB relating to using a 512-bit modulus when
negotiating a Finite-Field Diffie-Hellman Ephemeral (FFDHE) handshake in TLS.

This was increased to 1024 in 10.0.18, but MySQL increased this to 2048 in their 5.7.7 release in Oct 2014, and the current consensus is that, while 1024 is currently sufficient, it's unlikely to be in the near to medium future.

Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788905

Generated at Thu Feb 08 07:26:31 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-8352] Increase Diffie-Helman modulus to 2048-bits Created: 2015-06-22 Updated: 2015-07-31 Resolved: 2015-07-28