From 1cd8e7ef3dc7538cc0a0a4d8f38eeb3fd24f1872 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 20 Oct 2015 08:47:10 -0500 Subject: add a little bit about ECDHE --- docs/hazmat/primitives/asymmetric/ec.rst | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'docs') diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst index e4df9b10..2fac6d71 100644 --- a/docs/hazmat/primitives/asymmetric/ec.rst +++ b/docs/hazmat/primitives/asymmetric/ec.rst @@ -147,6 +147,10 @@ Elliptic Curve Key Exchange algorithm ... ).public_key() >>> shared_key = private_key.exchange(ec.ECDH(), peer_public_key) + ECDHE (or EECDH), the ephemeral form of this exchange, is **strongly + preferred** over simple ECDH and provides `forward secrecy`_ when used. + You must generate a new private key using :func:`generate_private_key` for + each ``exchange`` when performing an ECDHE key exchange. Elliptic Curves --------------- @@ -470,3 +474,4 @@ Key Interfaces .. _`SafeCurves`: http://safecurves.cr.yp.to/ .. _`ECDSA`: https://en.wikipedia.org/wiki/ECDSA .. _`EdDSA`: https://en.wikipedia.org/wiki/EdDSA +.. _`forward secrecy`: https://en.wikipedia.org/wiki/Forward_secrecy -- cgit v1.2.3 d class='form'> openwrt master 187ad058James

about summary refs log tree commit diff stats

path: root/target/linux/generic/patches-4.4/271-uapi-libc-compat.h-do-not-rely-on-__GLIBC__.patch

blob: b8e6a3a88204fde259e10d84d4110e5b7c6ae20f (plain)