[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: D-H key exchange - how does it work?

Eric Hughes says:
>    > In addition, changing the modulus can have unpleasant effects on
>    > traffic analysis, if not done properly.
>    Of what sort?
> For D-H, the modulus must be transmitted in the clear.  Unless you use
> a different modulus for each conversation, there is a persistency to
> the moduli that gives rise to a pseudo-identity.

You don't HAVE to transmit the modulus in the clear. Its often
worthwhile to use D-H for key exchange even if both sides know the
other's RSA public keys. Why? Because then the keys used for
conventional session encryption need not be compromised for historical
traffic even if the RSA keys are later compromised.