Re: DH vs. RSA use for symmetric key exchange
> Is PFS intended to cover the risk associated with an RSA private key being
> compromised? If so, I assume it would apply to DH keys as well if they get
> reused. An optimization in IKE (I think) is the ability to reuse DH keys
> to establish multiple SAs and generate multiple keys. Is there any
> recommendation on how many SAs can be generated or for how long a DH key can
> be used?
I've never previously seen a suggestion that IKE should use
non-ephemeral DH keys, so it's fair to say, "one DH key, one (phase 1)
SA" and "one DH key, one (phase 2 with pfs) SA".
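The "one DH key, one SA" rule above can be shown directly. The following is an added illustration, not code from this thread or from any IKE implementation: it simulates several phase-2 SAs first with a single reused DH key pair and then with a fresh (ephemeral) pair per SA, and counts how many SA keys a passive observer can recover after later obtaining one DH private value. The 64-bit group, the nonce format and the SHA-256 stand-in for the IKE PRF are all assumptions made for the demonstration.

```python
import hashlib
import secrets

# Toy MODP group, constructed for this illustration only: a 64-bit prime is
# far too small for real use, but the algebra (g^ab == g^ba) is the same.
P = 2**64 - 59
G = 2


def gen_keypair():
    """Fresh DH key pair: private exponent x and public value g^x mod p."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def shared_secret(priv, peer_pub):
    return pow(peer_pub, priv, P)


def derive_sa_key(secret, nonce_i, nonce_r):
    """Stand-in for the IKE PRF step: bind the DH result to both nonces."""
    material = secret.to_bytes(8, "big") + nonce_i + nonce_r
    return hashlib.sha256(material).digest()


def run_sa(init_priv, init_pub, resp_priv, resp_pub):
    """One phase-2 exchange. Returns the SA key plus what a passive observer records."""
    nonce_i, nonce_r = secrets.token_bytes(16), secrets.token_bytes(16)
    k_i = derive_sa_key(shared_secret(init_priv, resp_pub), nonce_i, nonce_r)
    k_r = derive_sa_key(shared_secret(resp_priv, init_pub), nonce_i, nonce_r)
    assert k_i == k_r  # both sides agree on the SA key
    observed = {"init_pub": init_pub, "resp_pub": resp_pub,
                "nonce_i": nonce_i, "nonce_r": nonce_r}
    return k_i, observed


def simulate(n_sas, reuse_dh):
    """Negotiate n_sas SAs, either reusing one DH pair for all or using a fresh pair per SA."""
    if reuse_dh:
        init = gen_keypair()
        resp = gen_keypair()
    sessions = []
    for _ in range(n_sas):
        if not reuse_dh:
            init = gen_keypair()
            resp = gen_keypair()
        key, observed = run_sa(init[0], init[1], resp[0], resp[1])
        sessions.append({"key": key, "observed": observed, "init_priv": init[0]})
    return sessions


def count_exposed(n_sas, reuse_dh):
    """The observer later learns the initiator's DH private value used for SA 0.
    Returns how many of the n_sas SA keys that single compromise recovers."""
    sessions = simulate(n_sas, reuse_dh)
    leaked_priv = sessions[0]["init_priv"]
    exposed = 0
    for s in sessions:
        o = s["observed"]
        guess = derive_sa_key(shared_secret(leaked_priv, o["resp_pub"]),
                              o["nonce_i"], o["nonce_r"])
        if guess == s["key"]:
            exposed += 1
    return exposed


if __name__ == "__main__":
    print("reused DH key, 5 SAs, exposed:", count_exposed(5, reuse_dh=True))      # 5
    print("ephemeral DH key, 5 SAs, exposed:", count_exposed(5, reuse_dh=False))  # 1
```

With a reused key every SA negotiated with it falls to one compromise, which is exactly the exposure PFS is meant to bound; with a fresh pair per SA only the SA whose private value leaked is affected, so the answer to "how long can a DH key be used" under PFS is one exchange.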