Origin of DH modulus


by Dwayne C. Litzenberger

http://openid.net/specs/openid-authentication-2_0.html#pvalue states:

     Appendix B.  Diffie-Hellman Key Exchange Default Value

      This is a confirmed-prime number, used as the default modulus for
      Diffie-Hellman Key Exchange. In hexadecimal:

      DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61E
      F75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D268370557
      7D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E382
      6634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB

Where did this number come from?  A quick Google search reveals nothing
particularly enlightening.

When specifying constants for cryptographic protocols, it is customary to
explain how the constant was arrived at so that people can be assured that
they were not specially chosen to (for example) act as a backdoor.  See:

   http://en.wikipedia.org/wiki/Nothing_up_my_sleeve_number
   http://en.wikipedia.org/wiki/Dual_EC_DRBG

Ideally, this information should accompany the modulus in the OpenID spec
itself.

--
Dwayne C. Litzenberger <dlitz@...>
  Key-signing key   - 19E1 1FE8 B3CF F273 ED17  4A24 928C EC13 39C2 5CF7
  Annual key (2008) - 4B2A FD82 FC7D 9E38 38D9  179F 1C11 B877 E780 4B45


_______________________________________________
specs mailing list
specs@...
http://openid.net/mailman/listinfo/specs


Re: Origin of DH modulus

by Martin Atkins-2

Dwayne C. Litzenberger wrote:

> http://openid.net/specs/openid-authentication-2_0.html#pvalue states:
>
>     Appendix B.  Diffie-Hellman Key Exchange Default Value
>
>      This is a confirmed-prime number, used as the default modulus for
>      Diffie-Hellman Key Exchange. In hexadecimal:
>
>      DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61E
>      F75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D268370557
>      7D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E382
>      6634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB
>
> Where did this number come from?  A quick Google search reveals nothing
> particularly enlightening.
>
> When specifying constants for cryptographic protocols, it is customary
> to explain how the constant was arrived at so that people can be assured
> that they were not specially chosen to (for example) act as a backdoor.  
> See:
>
>   http://en.wikipedia.org/wiki/Nothing_up_my_sleeve_number
>   http://en.wikipedia.org/wiki/Dual_EC_DRBG
>
> Ideally, this information should accompany the modulus in the OpenID
> spec itself.
>

Paul Crowley originally pulled a number out of /etc/ssh/moduli on his
machine and checked it for prime-ness:

     http://lists.danga.com/pipermail/yadis/2005-June/000718.html

I've not checked to see if this is the same number (too lazy to convert
huge hex to decimal) but even if it isn't I'd guess the number was
probably found in a similar way.

Unfortunately, "I just picked this out of a file on my computer" isn't a
great thing to cite in a specification.



Re: Origin of DH modulus

by Breno de Medeiros

Actually, the information that *both* p and (p-1)/2 were checked for
being prime is useful and should be cited in the spec.

On Fri, Jul 18, 2008 at 11:05 AM, Martin Atkins <mart@...> wrote:

> Dwayne C. Litzenberger wrote:
>> http://openid.net/specs/openid-authentication-2_0.html#pvalue states:
>>
>>     Appendix B.  Diffie-Hellman Key Exchange Default Value
>>
>>      This is a confirmed-prime number, used as the default modulus for
>>      Diffie-Hellman Key Exchange. In hexadecimal:
>>
>>      DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61E
>>      F75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D268370557
>>      7D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E382
>>      6634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB
>>
>> Where did this number come from?  A quick Google search reveals nothing
>> particularly enlightening.
>>
>> When specifying constants for cryptographic protocols, it is customary
>> to explain how the constant was arrived at so that people can be assured
>> that they were not specially chosen to (for example) act as a backdoor.
>> See:
>>
>>   http://en.wikipedia.org/wiki/Nothing_up_my_sleeve_number
>>   http://en.wikipedia.org/wiki/Dual_EC_DRBG
>>
>> Ideally, this information should accompany the modulus in the OpenID
>> spec itself.
>>
>
> Paul Crowley originally pulled a number out of /etc/ssh/moduli on his
> machine and checked it for prime-ness:
>
>     http://lists.danga.com/pipermail/yadis/2005-June/000718.html
>
> I've not checked to see if this is the same number (too lazy to convert
> huge hex to decimal) but even if it isn't I'd guess the number was
> probably found in a similar way.
>
> Unfortunately, "I just picked this out of a file on my computer" isn't a
> great thing to cite in a specification.
>
>
> _______________________________________________
> specs mailing list
> specs@...
> http://openid.net/mailman/listinfo/specs
>



--
--Breno

+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)
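
The check discussed in this thread (that both p and (p-1)/2 are prime), as an added example that is not part of the original messages or of the OpenID spec: it runs Miller-Rabin on the Appendix B modulus quoted above and also produces the decimal form, so the value can be compared against listings that are not in hex. The function names are illustrative.

```python
import random

# Default DH modulus from Appendix B of the OpenID 2.0 spec, as quoted in the thread.
OPENID_P_HEX = """
DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61E
F75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D268370557
7D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E382
6634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB
"""
SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n, rounds=40):
    """Miller-Rabin: a composite survives with probability at most 4**-rounds."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:          # cheap trial division first
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0                  # write n - 1 as d * 2**s with d odd
    while d % 2 == 0:
        d //= 2
        s += 1
    rng = random.SystemRandom()
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)  # random base in [2, n - 2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False             # base a is a witness: n is composite
    return True

def audit_modulus(hex_text):
    """Parse a (possibly line-wrapped) hex modulus and test p and q = (p-1)/2."""
    p = int("".join(hex_text.split()), 16)
    q = (p - 1) // 2
    return {"bits": p.bit_length(),
            "decimal": str(p),
            "p_prime": is_probable_prime(p),
            "q_prime": is_probable_prime(q)}  # True for both means a safe prime

if __name__ == "__main__":
    for key, value in audit_modulus(OPENID_P_HEX).items():
        print(f"{key}: {value}")
```

A modulus for which `q_prime` is false is not necessarily weak, but the subgroup structure of p-1 then has to be examined separately; the test only confirms or rules out the safe-prime form.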