Regenerating DHparams

Is there any recommended schedule for regenerating DHparams for Postfix? I
could not find anything specific about it.


Re: Regenerating DHparams

By Viktor Dukhovni at 11/07/2018 - 13:47

Since the parameters are not secret (in fact sent to the client with every
full handshake), there's no risk of compromise through disclosure. So the
only risk is a successful "index method" pre-computation that makes subsequent
discrete logarithms easier to compute.

I am not aware of any research that suggests such attacks are feasible for
2048-bit DH parameters, so there's no specific guidance on rotation frequency.
Most users probably just run with the default compiled-in parameters, but you
can rotate yours periodically. Just generating parameters once that are not
the same as those of most other users is probably good enough, but it is also
cheap to rotate them. It is easy to set up a cron job that runs every 30 days,
so that might be reasonable.