The failure means that the generator you're using isn't a quadratic residue, which means you're always leaking one bit (the least significant) of the private key. This is probably acceptable if you're using a long enough private key, so you might want to just ignore it if you can't get the other server to change its parameters.
On Wed, Mar 03, 2004 at 12:41:50PM -0700, Joseph Galbraith wrote: > Hello, > > I have a set of DH key agreement parameters that > are being negotiated as part of a protocol. > > When talking to a different server (not our implementation), > the parameters do not validate. > > CryptoPP::DL_GroupParameters<CryptoPP::Integer>::Validate() > > calls > > ValidateElement(level, > GetSubgroupGenerator(), > &GetBasePrecomputation()) > > which checks that > > Jacobi(g, p) == 1. > > This check is what is failing. > > So, I want to be able to talk intelligently > (or at least some reasonable facsimile thereof) > to the the implementer of the server about what > the problem is with the DH parameters they are > giving me. > > So, my question is, what is the meaning of > this failure? What are the security implications? > > Thanks for any answers, > > Joseph
