Hi list,

I have a question regarding the Diffie-Hellman key exchange of SSL. Not sure if this is the right place for such a question. But this could be an easy one for those who are familiar with the SSL protocol. :-)

Below is cited from William Stallings' paper.

------------------------- cited from Internet -------------------------------
Fixed Diffie-Hellman: This is a Diffie-Hellman key exchange in which the server's certificate contains the Diffie-Hellman public parameters signed by the certificate authority (CA). That is, the public-key certificate contains the Diffie-Hellman public-key parameters. The client provides its Diffie-Hellman public key parameters either in a certificate, if client authentication is required, or in a key exchange message. This method results in a fixed secret key between two peers, based on the Diffie-Hellman calculation using the fixed public keys.
----------------------- end of the citation -------------------------

According to my understanding, the Diffie-Hellman algorithm is based on something like this:

1. public prime number, p
2. public base, g
3. Side A's private key, a
4. Side A's public key, A = g ^ a mod p
5. Side B's private key, b
6. Side B's public key, B = g ^ b mod p

The question is: which of the items above do the Diffie-Hellman public parameters consist of? If they are 1, 2 and 4, then we need at least an additional step to pass the public prime number and public base to the other side, otherwise the other side cannot calculate its public key. Right? But I don't see such a description in the paper. Are the public prime number and public base preset?

Any response is appreciated!

Thanks,
William
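The exchange the post asks about, as an added example that is not part of the original message: it assumes the server certificate carries p and g together with the server's public value (as X.509 Diffie-Hellman keys do), so the client needs no separate parameter message. `DHCert`, `handshake` and the other names are hypothetical, and the 64-bit prime and keys are constructed toy values, far too small for real use.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class DHCert:
    """Stand-in for the DH fields of a CA-signed server certificate (hypothetical)."""
    p: int  # item 1: public prime
    g: int  # item 2: public base
    y: int  # item 4: server public key, g^x mod p

def keypair(p, g, x=None):
    """Return (private, public); draw a random private key in 2..p-2 if none given."""
    if x is None:
        x = secrets.randbelow(p - 3) + 2
    return x, pow(g, x, p)

def check_public(y, p):
    """Reject degenerate peer values (0, 1, p-1, or out of range) before use."""
    if not 1 < y < p - 1:
        raise ValueError("peer public value out of range")
    return y

def shared_secret(peer_y, own_x, p):
    return pow(check_public(peer_y, p), own_x, p)

# Constructed toy parameters: 2**64 - 59 is prime, but 64 bits is not secure.
P, G = 2**64 - 59, 5
SERVER_X, SERVER_Y = keypair(P, G, 1234567890123456789)  # fixed server key
CERT = DHCert(p=P, g=G, y=SERVER_Y)

def handshake(cert, server_x, client_x=None):
    """One exchange: returns (client public value, client secret, server secret)."""
    # Client: reads p and g from the certificate, makes its key in that group,
    # and would send client_y in its certificate or key exchange message.
    client_x, client_y = keypair(cert.p, cert.g, client_x)
    client_secret = shared_secret(cert.y, client_x, cert.p)
    # Server: combines the received client_y with its fixed private key.
    server_secret = shared_secret(client_y, server_x, cert.p)
    return client_y, client_secret, server_secret

if __name__ == "__main__":
    # Fixed keys on both sides give the same secret on every handshake.
    _, s1, t1 = handshake(CERT, SERVER_X, client_x=42424242)
    _, s2, t2 = handshake(CERT, SERVER_X, client_x=42424242)
    print("sides agree:", s1 == t1, "| secret repeats:", s1 == s2)
    # A fresh client key per connection changes the secret.
    _, s3, t3 = handshake(CERT, SERVER_X)
    print("fresh client key agrees:", s3 == t3, "| differs:", s3 != s1)
```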