I'm not certain I understand your questions, but here are some answers (I think). In the DH protocol you have what we call public parameters, p and g. p is a large prime integer, which defines a group Z*p, g is a generator which defines a subgroup in Z*p. You can use fix values for p an g. Now, participants will choose private and public keys. The private key is simply chosen as a random number x, whose value is between 1 and p-1. The public key associated to x will be y = g^x mod p. Participants keep x secret and y is public. You can say that (y, g, p) is the public key, or simply say that y is the public key if g and p (the public parameters) are implicitly known. Participants can choose a different x and associated y on each execution of the protocol, or have long term private public key pairs.

--Anton >The Check Point Firewall-1 Docs insist, that the public keys be used >for p and g for the Oakley key exchange. I ask you: is this >possible? > > - which of the two pubkeys will be p, which g? > - are they both always primes? > - are they both always suitable generators mod p? > >It just seems to me that Check Point isn't entirely sure themselves >here. I'd appreciate a short cleanup... > >To my knowledge, g and p are globally defined, either in DH Groups >(which are nothing but pre-defined g's and p's, right?), or >otherwise set constant. Am I wrong about this? Thanks. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]