Mike,
I would recommend using DH parameters that have already gone through
some scrutiny, such as those in the PGP source code or those specified for
IKE (http://www.ietf.org/rfc/rfc2409.txt, section 6).
If you really want to generate your own, you can examine any one of
several sources including the PGP source code, the Schneier book or the
Menezes, Vanstone, and Van Oorschot book, the RFC mentioned above as well as
http://www.ietf.org/rfc/rfc2412.txt, and others that I have forgotten.
Greg Stark, [EMAIL PROTECTED]
Chief Security Architect
Ethentica, Inc.
www.ethentica.com
----- Original Message -----
From: "Mike Tinnes" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 15, 2000 4:41 PM
Subject: Diffie-Hellman parameters
> This question isn't directly related to openssl, but does anyone know of a
> 'most secure' method of choosing Diffie-Hellman parameters? More
> specifically I need to hardcode the prime and base components of the DH
> algorithm and would like some advise on how to choose these.
>
> Thanks, Mike
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
