I'll explain you the situation.I'm developping a module of SRTP and I'm using the openssl library inside my C code. I need to generate a shared secret which sizes 16 byte. I exchange public DH parameters with the client using the DH function. I don't know how to set DH parameters into a defined size about the final secret, gained using DH_compute_key() function. Thank you for your help,
Hector Agustin Cozzetti Subject: RE: Doubt about the use and initialization of DH structDate: Sat, 15 Dec 2007 13:13:09 -0700From: [EMAIL PROTECTED]: openssl-users@openssl.org I would suggest that you examine RFC 2631 (section 2.1.1) or Secure Programming Cookbook by Viega & Messier (Section 8.17) for information on this topic. Typically with DH, two parties (A and B) wish to compute a shared secret. Each computes a private & public key pair, exchange public keys and then use their private key with the others public key to compute a shared secret. So, if xa and xb are the private keys of A and B, and ya and yb are the public keys of A and B, then SS = (yb ^ xa) mod p = (ya ^ xb) mod p Usually the value SS is combined with other information as input to a Key Derivation Function to generate as many bits as are required for the application. Another reference is NIST Special Publication 800-56A (chapter 6) http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf Bill From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Agustin CozzettiSent: December 15, 2007 12:15 PMTo: [EMAIL PROTECTED]: RE: Doubt about the use and initialization of DH struct Thank you for your reply!!!I have another question about this topic. I need to generate a shared secret which size 16 byte, using a DH_compute_key() function. How can i manage that size???? Should I use a 16 byte dh->p???? Thank you for your help, Hector Agustin Cozzetti _________________________________________________________________ Ti piace giocare con le lettere? Prova ABCLive! http://messengergiochi.it.msn.com/