Hi,
I can give some more details of my problem, which turns to be really weird.
It's still about client/server application that performs DSA authentication,
DH key-exchange and 3DES symmetric encryption. This application is deployed
on several platforms (at the moment Windows, Linux and Solaris).
There are no problems on any of these platforms (also in mixed platforms,
lets say server on Linux and Client on Windows), until I try to perform a
handshake between Solaris and other platform (yes. there is no problem if
both client and server are on Solaris).
The problem is that the symmetric key I receive on each side (form the
function DH_compute_key(...) ) is different !!!
and this happens only when one of the handshake sides are on Solaris and the
other is on Windows/Linux.
Thanks, Ohad
-----Original Message-----
From: Joseph Ashwood [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 15, 2001 11:10 AM
To: [EMAIL PROTECTED]
Subject: Re: symmetric key produced by Diffie-Helman alg. not equal in
both sides
----- Original Message -----
From: "Bruker, Ohad" <[EMAIL PROTECTED]>
> All the basic stuff you mentioned is implemented right.
> It is already *WORKING* on Linux and Windows platforms without any
problems.
> I encounter this problem probably because Solaris does not support random
> device !!!
> The manual seeding of the PRNG probably cause this problem (symmetric key
in
> both sides is not equal).
> Thanks, Ohad.
The PRNG has absolutely nothing to do with the negotiation. The PRNG is only
used when creating the keys and their parameters, after that no randomness
enters or leaves the system. The DH exchange is simply:
Pka, Pkb = public keys for A and B
Ska, Skb = private keys for A and B
P = a large prime
G = a generator for P (typically a small prime, 2 or 5 is common)
Ska, Skb = Random numbers
Pka = G^Ska mod P
Pkb = G^Skb mod P
the shared secret is
K1 = Pka^Skb mod P
K2 = pkb^Ska mod P
K1=K2
Because the public key can also be any random value, the PRNG is not an
issue (as long as it doesn't generate 0). If you're sure that modular
exponentiation is working and that the keys are being transferred correctly,
then it must work, regardless of the PRNG involved. That's why I was asking
those questions. If you can dissect the implementation and make sure that
each of these is performing properly, DH key exchange will work correctly.
Joe
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
