hi,
In Diffie Hellman key exchange we choose a large prime
in Fp. The prime is publicly known,so is g,preferably
a generator in Fp*.
The reason that you might need to change the prime
frequently is only if you donot choose g(element of)Fp
to be a generator in Fp or the prime field be too
small.
If the attacker knows the prime factorization of p-1,
where p-1=q_1*q_2*...*q_n,he can compute which of
g^((p-1)/q_i)== 1 mod p and determine the order of g.
If it has a lower order, the attack is easier.
If you choose g of maximum order in Fp, then you will
have maximum security.
> physical retrieval of the DH prime (and the rest of
> the certificate) allow
> him to decode the captured log?
The diffie-hellman key exchange works under the
assumption that knowing only g^a and g^b, it is
computationaly infeasible for the attacker to
calculate g^(ab) and breaking it is conjenctured to be
as hard as the discrete log problem.
Sarath.
__________________________________
Do you Yahoo!?
SBC Yahoo! - Internet access at a great low price.
http://promo.yahoo.com/sbc/
