I have a question on what the items are under the FWZ properties of
FireWall-1. Mainly the items that are under consideration are as follows:
- Under the Key Manager tab: Exponent and Modulus
- Under the DH tab: Key
Let's also assume the following:
Under the Diffie-Hellman scheme, there are two people who wish to establish
a secret key to use in the symmetric encryption manner. The users are Alice
and Bob:
1. Both Alice and Bob know the two public numbers needed between them:
g (a 512-bit prime number) and p (a smaller number than g with some
restrictions associated).
2. Bob and Alice each pick a secret 512-bit number (Alice picks Sa and Bob
picks Sb).
3. Each performs the initial function on the numbers to receive an
intermediary result (T):
Alice gets Ta by the following: g^Sa mod p
Bob gets Tb by the following: g^Sb mod p
4. Bob and Alice exchange their T's... Bob receives Ta and Alice receives
Tb.
5. Bob and Alice each receive the secret key by performing an additional
calculation:
Alice gets the secret by the following: Tb^Sa mod p
Bob gets the secret by the following: Ta^Sb mod p
6. Both come up with the same secret key, because:
Tb^Sa = (g^Sb) = g^Sb^Sa = (g^Sa)^Sb=Ta^Sb mod p
Now here is the question:
How do the "exponent", "modulus" (under the Key Manager tab), and "key"
(under the DH tab) relate to the Diffie-Hellman scheme used by Alice and Bob?
...another way of asking: How do the firewalls exchange their "p" and "g"
and "Ta" and "Tb" ? Where are they stored? How are they communicated?
Etc...
There are some hints in the manuals, but nothing specific. If anyone knows
it would be helpful.
Thanks,
Sam Ghannadi
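
Added example, not part of the original post and not Check Point's code: the six steps above carried out in Python with the post's symbols (Sa, Sb, Ta, Tb), plus the range check a receiver should apply to the peer's T before using it. It assumes the usual convention that p is the prime modulus and g the generator, and uses constructed toy values (p = 23, g = 5) that are far too small for real use.

```python
import secrets

# Constructed toy parameters, far too small for real use.
# Assumption: p is the public prime modulus, g the public generator.
P, G = 23, 5


def check_peer_value(t, p):
    """Reject degenerate public values (0, 1, p-1, or anything out of range).

    Such values force the shared secret into a tiny, guessable set.
    """
    if not 2 <= t <= p - 2:
        raise ValueError(f"rejected public value {t}")
    return t


def make_keypair(g, p):
    """Steps 2-3: pick a secret S from a CSPRNG and compute T = g^S mod p."""
    while True:
        s = 2 + secrets.randbelow(p - 3)      # S in [2, p-2]
        t = pow(g, s, p)
        if 2 <= t <= p - 2:                   # never send a value the peer must reject
            return s, t


def shared_secret(t_peer, s_own, p):
    """Step 5: secret = T_peer^S_own mod p, computed only after validation."""
    return pow(check_peer_value(t_peer, p), s_own, p)


def exchange(sa, sb, g=G, p=P):
    """Steps 3-6 for fixed secrets; returns (Ta, Tb, Alice's key, Bob's key)."""
    ta, tb = pow(g, sa, p), pow(g, sb, p)     # step 3, then step 4 swaps Ta and Tb
    return ta, tb, shared_secret(tb, sa, p), shared_secret(ta, sb, p)


if __name__ == "__main__":
    print(exchange(6, 15))                    # constructed secrets Sa=6, Sb=15
    sa, ta = make_keypair(G, P)
    sb, tb = make_keypair(G, P)
    assert shared_secret(tb, sa, P) == shared_secret(ta, sb, P)
```

Only Ta and Tb cross the wire; Sa, Sb and the derived key never do, which is why the receiver's check on the incoming T is the one place a tampered exchange can be caught.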