On Nov 17, 5:34 pm, smu johnson <[email protected]> wrote: > Hi, > > Sorry I am not much of a C++ expert so instead of pulling my hair out I'd > like to ask this question: > > Does it take a long time to do DH bignum math (powMod) with sizes higher > than 8192 bit prime groups? The RFC spec says it will take an impractical > amount of time @http://tools.ietf.org/html/rfc3526, but I am thinking > maybe the times have changed with faster computers. I believe Crypto++ uses Montgomery, which I think is k(k+1) or k^2. You'll spend most of the time looking for the safe prime.
> The reason is I want to securely do DH for 256 bit symmetric keys, and the > RFC seems to think that you'll need very high prime groups to do it. You will need a modulus around 15360 (NIST). ECRYPT II recommends similar. See http://www.cryptopp.com/wiki/Security_level and ECRYPT II Yearly Report on Algorithms and Keysizes. > Also, is there a limit for the group size in Crypto++? The limit is based on the size of class Integer, which is something like 2^256^256. In practice, there is no limit. > Does it have the RFC groups hardcoded in them, or must you generate > your own primes for its DH? I'll get some example up soon. Check http://www.cryptopp.com/wiki/Diffie-Hellman. Jeff -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
