Re: Q: DH Parameter Generation and Confinement Attacks
- From: mdw@xxxxxxxxxxxxxxxx (Mark Wooding)
- Date: Tue, 30 Nov 2010 00:58:07 +0000
ggr@xxxxxxxxxxxxx (Greg Rose) writes:
> FIPS ummm... 186-2 has a procedure for this too. Basically, take a[...]
> seed and hash it with SHA-1.
For extra joy, FIPS 186--3 has a slightly different procedure, which
uses SHA-256 and friends -- but lets you generate keys with larger
subgroups, so there is a point.
> I have code that will do it, which I will make available if there is
> enough interest. (I have to jump through export control/legal hoops
> these days, so I won't do it unless people care. It uses libtomcrypt.)
I also have code which will do the FIPS 186--2 version of the procedure.
(My crypto library is a bit behind the times nowadays; it's awaiting
some shiny new toys I need for a major overhaul, and they're waiting on
something else, so don't expect the --3 version for a while.)
-- [mdw]
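
Added example, not code from either poster or from their libraries: a Python version of the seed-and-SHA-1 procedure of FIPS 186-2 (Appendix 2.2) that the replies above refer to, with a verifier that recomputes p and q from the published seed and counter. The function names, the 160-bit seed length, the demo size L=512 and the upward seed search are assumptions of this example.

```python
import hashlib
import secrets
G = 160  # seed length in bits (assumed; FIPS 186-2 requires at least 160)

def sha1_int(x):  # SHA-1 of (x mod 2^G) as a G-bit string, read as an integer
    data = (x % (1 << G)).to_bytes(G // 8, "big")
    return int.from_bytes(hashlib.sha1(data).digest(), "big")

def is_probable_prime(n, rounds=40):  # Miller-Rabin, random bases
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def derive_q(seed):  # U = SHA-1(seed) XOR SHA-1(seed+1); force top and low bits
    return (sha1_int(seed) ^ sha1_int(seed + 1)) | (1 << 159) | 1

def derive_p(seed, q, counter, L):  # candidate p with p = 1 (mod 2q)
    n, b = divmod(L - 1, 160)
    w = 0
    for k in range(n + 1):
        v = sha1_int(seed + 2 + counter * (n + 1) + k)
        w |= (v % (1 << b) if k == n else v) << (160 * k)
    x = w + (1 << (L - 1))
    return x - (x % (2 * q) - 1)

def generate(seed, L=512):  # try seeds upward until a (p, q) pair is found
    while True:
        q = derive_q(seed)
        for counter in range(4096 if is_probable_prime(q) else 0):
            p = derive_p(seed, q, counter, L)
            if p >= 1 << (L - 1) and is_probable_prime(p):
                return p, q, seed, counter
        seed += 1

def verify(p, q, seed, counter, L=512):  # recompute both primes from the seed
    ok = q == derive_q(seed) and p == derive_p(seed, q, counter, L)
    return ok and is_probable_prime(q) and is_probable_prime(p)
```

Publishing (seed, counter) alongside (p, q) lets a recipient run `verify` and confirm that q is a 160-bit prime dividing p - 1 and that both values came out of the hash rather than being hand-picked.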