I am looking at attacks on Diffie-Hellman.
The protocol implementation I'm looking at designed their diffie-hellman using 128 bit primes (generated each time, yet P-1/2 will be a prime, so no go on pohlig-hellman attack), so what attacks are there that I can look at to come up with either the logarithm x from (a=g^x mod p) or the session key that is calculated. A brute force wouldn't work, unless I know the starting range. Are there any realistic attacks on DH parameters of this size, or is theoretically based on financial computation attacks?
You can find good explanation for the rationale behind Diffie-Hellman parameters as well as general precautions for implementation in a good paper called "Security Issues in the Diffie-Hellman Key Agreement Protocol"
You can find it in: http://citeseer.nj.nec.com/483430.html
Regards, Hagai.
Hagai Bar-El - Information Security Analyst Tel.: 972-8-9354152 Fax.: 972-8-9354152 E-mail: [EMAIL PROTECTED] Web: www.hbarel.com
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]