Bonsoir,
This is an english spoken mailing list, so I'll reply in english.
With Diffie-Hellman, g (the generator) is public, and can thus be shared
by all the actors (nodes, in your study).
Each actor's private key (a or b in your example) is used only once and
discarded at the end of the session, or you lose the forward secrecy
ability.
In your study, you could either build a session key with each individual
node participating in the session, or all the participating nodes could
generate a common session key:
- Alice, Bob, and Carol all choose their private keys (a, b, c)
- Alice sends g^a to Bob
- Bob sends (g^a)^b to Carol
- Carol computes ((g^a)^b)^c and keeps it secret
- Bob sends g^b to Carol
- Carol sends (g^b)^c to Alice
- Alice computes ((g^b)^c)^a and keeps it secret
- Carol sends g^c to Alice
- Alice sends (g^c)^a to Bob
- Bob computes ((g^c)^a)^b and keeps it secret
- Alice, Bob, and Carol share the same secret: g^abc
If you carefully choose p (size and factors of p-1), then you don't have
to worry about finding a given g^a mod p.
Look for "General Number Field Sieve" to get numbers, this is the most
efficient algorithm so far, with large enough p.
In your presented study, authentication is left aside. That's good for a
school study, but not for real life work.
Le 19/01/2012 17:01, BENAMAR Lydia a écrit :
Bonsoir,
dans le cadre de notre projet de fin d'étude, nous sommes amenées à
utiliser la technique de Deff Hellman afin d'initier une session entre
la source des paquets et tous les noeuds du chemins. si vous permettez
on a quelques questions à vous poser.
est ce que la source peut échanger le même g et a avec tous les noeuds
du chemin?
quel est le temps nécessaire pour un attaquant qui écoute les valeur
g^a et g^b pour connaitre g^ab?
quel algorithme est le plus approprié en terme d'efficacité et de
consommation des ressources?
en attente de toute suggestion, acceptez nos salutations.
--
Erwann ABALEA
-----
caïssaphique: se dit d'une lesbienne qui joue aux échecs. (Caïssa est la déesse
des échecs)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org