On Sat, Nov 27, 2010 at 08:54:42AM -0800, Jeffrey Walton wrote: > On Nov 17, 5:34pm, smu johnson <[email protected]> wrote: > > > > Does it take a long time to do DH bignum math (powMod) with sizes higher > > than 8192 bit prime groups? The RFC spec says it will take an impractical > > amount of time @http://tools.ietf.org/html/rfc3526, but I am thinking > > maybe the times have changed with faster computers. > I believe Crypto++ uses Montgomery, which I think is k(k+1) or k^2. > You'll spend most of the time looking for the safe prime.
I'm curious whether a strong prime is the best option here. It looks rather practical to choose a group of a reasonable order and of reasonable modulus instead. > > The reason is I want to securely do DH for 256 bit symmetric keys, and the > > RFC seems to think that you'll need very high prime groups to do it. RFC refers to a 'disagreement' citing two papers, and, as a result, avoiding a 'should' statement on modulus size. > -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
