Antonio Sanso <[email protected]> writes:
>Comments/answers are welcomed :)
The older RFC 2409 primes are standard PKCS #3 values, {p, g}. RFC 5114 uses
FIPS 186 values, {p, q, g} which allows verification of the values, or at
least certain properties of the values, e.g. that g is a generator of order q.
Unfortunately the generation process given in FIPS 186 also results in huge g
values (same size as p rather than g = 2 for the RFC 2409 values), which is a
lot less efficient than using g = 2.
And the FIPS 186 part is the explanation for its origins, it's NIST 800-56A
republished as an RFC. As usual with NIST there's no explanation for where
these values came from. Maybe Jerry Solinas from the NSA provided them.
Peter.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
