Hi Joy,

Joy Latten wrote:
> This patch adds the MODP DH Groups 22-24 defined in RFC 5114.
>
> After consulting with the ietf ipsec mailing list, I realized all I needed
> to do was add the constants for these groups.
>
> I tried interoperability testing with openswan's DH groups 22-24.
> Unfortunately, I could not get strongswan->openswan to work with
> any of the new or old modp groups. Openswan complained about the message
> ID it received, which looked correct to me. This problem was outside the
> scope of my patch.
> I was able to get openswan->strongswan to work with old and new modp
> groups.
>
> I was also told the following on the ipsec ietf list:
>
> 1. The exponent only needs to be size of q, for group 22-24. I noticed
> in strongswan it likes to use the size of the prime. I left it like
> this.
>
There is no sense spending a lot of entropy by choosing a secret DH exponent which is larger than the size q of the subgroup since the resulting public DH factor will just wrap around modulo q.

In order to restrict the secret factor to the size of the subgroup, either q or at least the number of bits of q (160, 224, 256 bits) should be stored in the dh_params tables. Actually they are already stored there as the optimum secret size (20, 28, 32 octets), but these restrictions should also be heeded with charon's default setting libstrongswan.dh_exponent_ansi_x9_42=yes, where with the normal DH groups the secret is chosen randomly up to the full prime p size. So probably an additional column is needed in the dh_params table containing the maximum size of ANSI X9.42 secrets.

> 2. Doing all validation steps as defined in NIST SP 800-56A is important
> for groups 22-24. I am currently determining what this is and will
> submit a second patch very soon.
>
> Let me know if this patch looks ok.
> Thanks!
>
> regards,
> Joy

Best regards

Andreas

======================================================================
Andreas Steffen                         [email protected]
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==

_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev
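The two points discussed above (an exponent longer than q wraps around modulo q, and a peer's public value should be validated against the order-q subgroup as SP 800-56A requires), shown as an added toy example that is not strongSwan code; the group is constructed at run time and the constants are not the RFC 5114 values:

```python
"""Toy demonstration (constructed group, not the RFC 5114 constants) of two
points from the thread: a secret exponent longer than q is wasted because
g^x only depends on x mod q, and a received public value should be checked
to lie in the order-q subgroup (NIST SP 800-56A full public-key validation)."""
import secrets

def is_prime(n):
    """Trial division; adequate for the toy sizes used here."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True

def make_subgroup_group(q, min_cofactor=100):
    """Find p = k*q + 1 prime and a generator g of the order-q subgroup,
    mimicking the RFC 5114 shape where p-1 has a large cofactor k."""
    k = min_cofactor
    while not is_prime(k * q + 1):
        k += 1
    p = k * q + 1
    for h in range(2, p):
        g = pow(h, (p - 1) // q, p)  # h^k has order q unless it equals 1
        if g != 1:
            return p, q, g
    raise ValueError("no generator found")

def secret_size_octets(q):
    """Octets needed to cover q: 20, 28, 32 for the 160/224/256-bit q of groups 22-24."""
    return (q.bit_length() + 7) // 8

def random_exponent(q):
    """Secret exponent drawn from [1, q-1] instead of up to the size of p."""
    return secrets.randbelow(q - 1) + 1

def exponent_wraps(p, q, g, x):
    """g has order q, so g^x == g^(x mod q): exponent bits beyond q buy nothing."""
    return pow(g, x, p) == pow(g, x % q, p)

def validate_public_value(p, q, y):
    """Full public-key validation for subgroup groups: 2 <= y <= p-2 and y^q = 1 mod p."""
    return 2 <= y <= p - 2 and pow(y, q, p) == 1
```

The last check is what distinguishes groups 22-24 from the safe-prime MODP groups: a value that passes the range check can still sit in the cofactor part of the group, and only the y^q test catches it.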
