i paste a discussion to openssl-users how to implement this attack in perl
Le mercredi 23 mars 2011 à 09:13 +0800, Ziyu Liu a écrit :
> 1)The exponent x in DH can be any number.It should be big enough to
> bear attack.The source in DH told us what exponent x can be.
> ref:dh_key.c
> if (generate_new_key)
> {
> l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret
> exponent length */
> if (!BN_rand(priv_key, l, 0, 0)) goto err;
> }
> 2)The time of generation depends the length of your DH parameters.The
> longger parameters you created, the more time you need to compute the
> value.
> ref:
> int DH_generate_parameters_ex(DH *dh, int prime_len,int generator,
> BN_GENCB *cb);
>
>
> At 2011-03-23 08:12:37,ikuzar <razuk...@gmail.com> wrote:
> Hello,
> I 'd like to know :
> 1) if exponent x in g^x must be a great prime number. In some
> docs I saw, it is said that x must b a GREAT number but no
> information about primality ..
> 2) May generation of 'x' run for hours like related here :
> http://www.openssl.org/docs/crypto/DH_generate_parameters.html
> ( in NOTES)
> Thanks for your help.
>
>
>
--
gpg --keyserver pgp.mit.edu --recv-key 092164A7
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7
signature.asc
Description: Ceci est une partie de message numériquement signée
