Hi list,

I have a question regarding the Diffie-Hellman key exchange in SSL. I am not sure
if this is the right place for such a question, but this could be an easy
one for those who are familiar with the SSL protocol. :-) Below is a citation
from William Stallings' paper.

----------------------- cited from Internet -------------------------
Fixed Diffie-Hellman: This is a Diffie-Hellman key exchange in which the
server's certificate contains the Diffie-Hellman public parameters
signed by the certificate authority (CA). That is, the public-key
certificate contains the Diffie-Hellman public-key parameters. The
client provides its Diffie-Hellman public key parameters either in a
certificate, if client authentication is required, or in a key exchange
message. This method results in a fixed secret key between two peers,
based on the Diffie-Hellman calculation using the fixed public keys.
----------------------- end of the citation -------------------------

According to my understanding, the Diffie-Hellman algorithm is based on
something like this:
1. public prime number, p
2. public base, g
3. Side A's private key, a
4. Side A's public key, A = g ^ a mod p
5. Side B's private key, b
6. Side B's public key, B = g ^ b mod p

The question is: which of the items above do the Diffie-Hellman public
parameters consist of? If they are 1, 2 and 4, then we need at least an
additional step to pass the public prime number and public base to the
other side; otherwise, the other side cannot calculate its public key,
right? But I don't see such a description in the paper. Are the public prime
number and public base preset?

Any response is appreciated!

Thanks,
William
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
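
An added example, not part of the original post: the six-item list above carried through as fixed Diffie-Hellman, under the assumption that the server's certificate holds items 1, 2 and 4 together (p, g and the public value), so the client reads the group from it. `DHCert`, `make_cert`, `shared_secret`, `fixed_dh` and all key values are hypothetical names and constructed values; the group is a toy one.

```python
from dataclasses import dataclass

# Toy group for illustration only: 2**127 - 1 is prime but far too small for real use.
P = 2**127 - 1
G = 3

@dataclass(frozen=True)
class DHCert:
    """Stand-in for the DH fields of a certificate: group (p, g) and public value y."""
    p: int
    g: int
    y: int

def make_cert(p, g, private):
    """Items 1, 2 and 4 of the list: publish p, g and y = g^private mod p."""
    if not 1 < private < p - 1:
        raise ValueError("private key out of range")
    return DHCert(p, g, pow(g, private, p))

def shared_secret(own_private, own, peer):
    """Compute peer.y^own_private mod p, refusing mismatched groups or bad values."""
    if (own.p, own.g) != (peer.p, peer.g):
        raise ValueError("peers use different (p, g)")
    if not 1 < peer.y < peer.p - 1:
        raise ValueError("peer public value out of range")
    return pow(peer.y, own_private, own.p)

def fixed_dh(server_cert, server_private, client_private):
    """Client takes (p, g) from the server certificate; both sides derive the secret."""
    client_cert = make_cert(server_cert.p, server_cert.g, client_private)
    k_client = shared_secret(client_private, client_cert, server_cert)
    k_server = shared_secret(server_private, server_cert, client_cert)
    return client_cert, k_client, k_server

# Constructed fixed private keys (hypothetical values, chosen only for the demo).
SERVER_PRIV = 2**61 - 1
CLIENT_PRIV = 2**89 - 1
SERVER_CERT = make_cert(P, G, SERVER_PRIV)

if __name__ == "__main__":
    # Two "sessions" with the same fixed keys yield the same secret each time.
    for session in (1, 2):
        _, kc, ks = fixed_dh(SERVER_CERT, SERVER_PRIV, CLIENT_PRIV)
        print(session, kc == ks, hex(kc))
```

Because neither public value changes between runs, the derived secret is identical in every session, which is the "fixed secret key between two peers" the citation describes.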
