Of course, the second approach is a lot faster - however, can anyone explain
the warning not from the documentation Be careful to avoid small subgroup
attacks when using this. ? AFAIK, for such attacks to be effective, they
require that the parameters are re-used multiple times. However, in
Hi all,
I am working on an application that would use DH to allow exchanging
symmetric keys (not a TLS app), and we noticed that we could use two
different approaches to generate the parameters.
The first option is to use the DH_generate_parameters_ex() +
DH_generate_key() - but that takes