Re: DH session Key length

2011-04-21 Thread Jeffrey Walton
On Thu, Apr 21, 2011 at 7:44 AM, ikuzar wrote:
> Ok,
> I see now what you mean. I'll try to hash the shared value with SHA1, then
> truncate it to obtain 128 bits ...

In addition to Dave's comments, see NIST 800-135 and RFC 5869 for guidelines and recommendations on extract-and-expand key derivat
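Added example (not part of any message in this thread, and not OpenSSL code): the extract-and-expand derivation from RFC 5869 that the message above points to, next to the SHA-1-then-truncate approach, using only Python's standard library. SHA-256 as the hash, the `info` labels, the function names and the sample secret are assumptions made for the illustration.

```python
import hashlib
import hmac

HASH = hashlib.sha256            # assumption: SHA-256 as the HKDF hash
HASH_LEN = HASH().digest_size


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 step 1: PRK = HMAC-Hash(salt, IKM)."""
    if not salt:
        salt = bytes(HASH_LEN)   # RFC 5869: an absent salt is HashLen zero bytes
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 step 2: T(i) = HMAC(PRK, T(i-1) | info | i), concatenated."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested output too long for HKDF")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_session_keys(shared_secret: bytes, salt: bytes = b"") -> dict:
    """One extract over the DH output, then one expand per key purpose."""
    prk = hkdf_extract(salt, shared_secret)
    return {
        "aes128": hkdf_expand(prk, b"example aes-128 key", 16),  # label is hypothetical
        "mac": hkdf_expand(prk, b"example mac key", 32),         # label is hypothetical
    }


def sha1_truncate(shared_secret: bytes) -> bytes:
    """The approach from the thread: SHA-1 of the secret, cut to 128 bits."""
    return hashlib.sha1(shared_secret).digest()[:16]


# Constructed stand-in for the DH_size(dh)-byte buffer that DH_compute_key
# fills (256 bytes, as for a 2048-bit modulus); not a real DH output.
SAMPLE_SECRET = hashlib.sha512(b"constructed sample").digest() * 4

if __name__ == "__main__":
    keys = derive_session_keys(SAMPLE_SECRET)
    print("HKDF AES-128 key:", keys["aes128"].hex())
    print("HKDF MAC key    :", keys["mac"].hex())
    print("SHA-1 truncated :", sha1_truncate(SAMPLE_SECRET).hex())
```

Both sides must feed the same byte encoding of the shared secret, the same salt and the same `info` labels into the derivation, otherwise the keys will not match.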

RE: DH session Key length

2011-04-21 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of ikuzar
> Sent: Tuesday, 19 April, 2011 18:57
> So, have I to generate a prime with length = 3200 bits ?,
> ( the corresponding exponent will belong to 3200-bit MODP group )
> in order to generate an AES 128 session key ? ( I

Re: DH session Key length

2011-04-21 Thread ikuzar
Ok, I see now what you mean. I'll try to hash the shared value with SHA1, then truncate it to obtain 128 bits ...

2011/4/20 Mike Mohr
> Look, the typical way you'd use the DH shared secret would be to hash
> it using an appropriate hash function. I personally like using Tiger
> with AES-192, Y

Re: DH session Key length

2011-04-20 Thread Mike Mohr
Ikuzar, I'm not sure what software you're writing. Please understand that I'm not trying to be mean spirited when I say this, but if you don't already know the difference between symmetric vs public-key crypto then you should not be writing this type of code. Stop doing it until you have a firm

Re: DH session Key length

2011-04-20 Thread ikuzar
2011/4/19 Dave Thompson
> > From: owner-openssl-us...@openssl.org On Behalf Of ikuzar
> > Sent: Monday, 18 April, 2011 11:01
>
> > I'd like to know the length of DH session key generated by
> > DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) .
> > Here : http://www.

Re: DH session Key length

2011-04-20 Thread ikuzar
Sorry I do not see the link between my previous post and your answer.

2011/4/20 Mike Mohr
> Look, the typical way you'd use the DH shared secret would be to hash
> it using an appropriate hash function. I personally like using Tiger
> with AES-192, YMMV.
>
> On Tue, Apr 19, 2011 at 3:56 PM, iku

Re: DH session Key length

2011-04-20 Thread Mike Mohr
Look, the typical way you'd use the DH shared secret would be to hash it using an appropriate hash function. I personally like using Tiger with AES-192, YMMV.

On Tue, Apr 19, 2011 at 3:56 PM, ikuzar wrote:
> So, have I to generate a prime with length = 3200 bits ?, ( the
> corresponding exponen

Re: DH session Key length

2011-04-19 Thread ikuzar
So, have I to generate a prime with length = 3200 bits ?, ( the corresponding exponent will belong to 3200-bit MODP group ) in order to generate an AES 128 session key ? ( I use 2 as generator ). Here http://tools.ietf.org/html/rfc3526, it is said : "The new Advanced Encryption Standard (AES)

Re: DH session Key length

2011-04-19 Thread Michael Sierchio
Addendum - depending on the use of DH (usually using the DH shared secret as a basis for key exchange), the choice of prime is more important than private exponent length. Safe primes or strong primes are warranted. Most systems use small generators (e.g., 2).

- M

On Mon, Apr 18, 2011 at 7:25 P

Re: DH session Key length

2011-04-19 Thread Michael Sierchio
The private exponent length need only be sufficient to make a brute force search (using the public exponent as a target) computationally infeasible, since the discrete log problem is still in the "hard" category. Cogent DH Private Exponent recommendations are always stated in terms of P, e.g., x :

Re: DH session Key length

2011-04-18 Thread Mike Mohr
You might take a look at RFC 3526:

http://tools.ietf.org/html/rfc3526

It is my understanding that the DH exponent can be significantly shorter than the modulus without compromising security. RFC 3526 is from 2003, but I haven't found anything published since then that would make me think its ass

RE: DH session Key length

2011-04-18 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of ikuzar
> Sent: Monday, 18 April, 2011 11:01
> I'd like to know the length of DH session key generated by
> DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) .
> Here : http://www.openssl.org/docs/crypto/DH_generate

DH session Key length

2011-04-18 Thread ikuzar
Hello,

I'd like to know the length of DH session key generated by DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) .

Here : http://www.openssl.org/docs/crypto/DH_generate_key.html

It is said that *key* must point to *DH_size(dh)* bytes of memory. Is 128 bits the default length ? how can