1)The exponent x in DH can be any number.It should be big enough to
bear attack.The source in DH told us what exponent x can be.
ref:dh_key.c
if (generate_new_key)
{
l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent
length */
if (!BN_rand(priv_key, l, 0, 0)) goto err;
}
2)The time of generation depends the length of your DH parameters.The longger
parameters you created, the more time you need to compute the value.
ref:
int DH_generate_parameters_ex(DH *dh,int prime_len,int generator, BN_GENCB *cb);
At 2011-03-23 08:12:37,ikuzar <razuk...@gmail.com> wrote:
Hello,
I 'd like to know :
1) if exponent x in g^x must be a great prime number. In some docs I saw, it is
said that x must b a GREAT number but no information about primality ..
2) May generation of 'x' run for hours like related here
:http://www.openssl.org/docs/crypto/DH_generate_parameters.html ( in NOTES)
Thanks for your help.
