[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Some stuff about Diffie-Hellman (and more :-)
Perry E. Metzger sez:
>
> Indeed, a paper has been published on how to break Sun Secure RPC
> based on the idiotic decision by someone at Sun to standardise the
> modulus used. It is basically a matter of precomputing a lot of data
> based on the numbers which allows you to break any particular discrete
> log in that field on the fly. The suggestion by Mr. Cain to use a
> single generator and modulus for all traffic is astonishingly naive.
Now wait a minute, Perry. If a device is going to use other than a
set of known moduli or even just one, how are two devices going to each
know what the other is using without a listner knowing? I think it is
pretty much agreed that devices that use "secret" numbers are not very
practical. What you say seems to indicate that D-H as we know and
love it has been rendered obsolete because it depends on the modulus
being known. What am I missing?
Peace,
Bob
--
Bob Cain [email protected] 408-354-8021
"I used to be different. But now I'm the same."
--------------PGP 1.0 or 2.0 public key available on request.------------------