William,

have a look at MODP (Modular Exponential DH Groups) referenced in RFC5246: RFC2409 defines primes for 768 and 1024 bit, and RFC3526 defines primes for 1536, 2048, and 3072 bit. (The generator is always 2.)

Peter-Michael
_____

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of William Cai
Sent: Monday, July 06, 2009 3:25 AM
To: openssl-users@openssl.org
Subject: Re: a question about Diffie-Hellman key exchange mode

Thanks Michael! Could you please share with me some information about when/how to agree upon p & g?

Thanks,
William

_____

From: Michael Sierchio <ku...@tenebras.com>
To: openssl-users@openssl.org
Sent: Sunday, July 5, 2009 11:58:42 PM
Subject: Re: a question about Diffie-Hellman key exchange mode

William Cai wrote:
> According to my understanding, the Diffie-Hellman algorithm is based on
> something like this:
> 1. public prime number, p
> 2. public base, g
> 3. Side A's private key, a
> 4. Side A's public key, A = g ^ a mod p
> 5. Side B's private key, b
> 6. Side B's public key, B = g ^ b mod p
>
> The question is: which of the items above do the Diffie-Hellman public
> parameters consist of? If they are 1, 2 and 4, then we need at least an
> additional step to pass the public prime number and public base to the
> other side; otherwise, the other side cannot calculate its public key,
> right? But I don't see such a description in the paper. Are the public prime
> number and public base preset?

Yes, the p and g are well known and agreed upon in advance.
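The exchange discussed in this thread, as an added example that is not part of the original messages: both sides start from the pre-agreed 768-bit MODP prime of RFC2409 with generator 2, so only the public values A and B have to be sent. The function names are illustrative assumptions, and the range check on the peer's value is an addition the thread does not discuss.

```python
import secrets

# RFC 2409 Oakley Group 1 (768-bit MODP) prime, generator 2. Used only to keep
# the listing short; 768 bits is too small for current deployments.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234"
    "C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6"
    "F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
G = 2

def is_probable_prime(n, rounds=16):
    # Miller-Rabin with random bases; lets a peer sanity-check a configured group.
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # base in 2..n-2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def keypair():
    # Items 3/4 (or 5/6) of the list above: private exponent and g^priv mod p.
    priv = secrets.randbelow(P - 3) + 2           # 2..P-2
    return priv, pow(G, priv, P)

def shared_secret(own_priv, peer_pub):
    # Reject 0, 1 and p-1, which would force a predictable secret.
    if not 2 <= peer_pub <= P - 2:
        raise ValueError("peer public value out of range")
    return pow(peer_pub, own_priv, P)

def exchange():
    # Only A and B are transmitted; p and g are already known to both sides.
    (a, A), (b, B) = keypair(), keypair()
    return A, B, shared_secret(a, B), shared_secret(b, A)
```
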