From 21a45f2f2d4c6084bd17a2a9b51a25844b535603 Mon Sep 17 00:00:00 2001 From: Andreas Steffen Date: Sun, 26 Oct 2008 23:53:52 +0000 Subject: use 512 bits of entropy for secret DH exponents --- src/pluto/constants.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/pluto/constants.h') diff --git a/src/pluto/constants.h b/src/pluto/constants.h index 989faeea3..9505d3426 100644 --- a/src/pluto/constants.h +++ b/src/pluto/constants.h @@ -279,7 +279,7 @@ extern const char sparse_end[]; "4009438B 481C6CD7 889A002E D5EE382B C9190DA6 FC026E47" \ "9558E447 5677E9AA 9E3050E2 765694DF C81F56E8 80B96E71" \ "60C980DD 98EDD3DF FFFFFFFF FFFFFFFF" -#define LOCALSECRETSIZE (256 / BITS_PER_BYTE) +#define LOCALSECRETSIZE (512 / BITS_PER_BYTE) /* limits on nonce sizes. See RFC2409 "The internet key exchange (IKE)" 5 */ #define MINIMUM_NONCE_SIZE 8 /* bytes */ -- cgit v1.2.3