Hello, On Tue, July 26, 2011 6:03 am, Prashant Batra (prbatra) wrote: > Thanks Yoav and Yaron for the suggestions. > > Even I was thinking and tried generating and storing the key pair well > in the beginning,. This helped to some extent. > > > > The secret calculation is also very expensive, but this has to be done > in midst of the exchange only.
You could pick one secret x and then for IKE exchanges do this: 0th exchange: y = g^x mod p 1st exchange: y = g^(x+1) mod p 2nd exchange: y = g^(x+2) mod p . . . nth exchange: y = g^(x+n) mod p Getting from exchange i to exchange i+1, then, is just a single modular multiply, which should be "cheaper" for you. Knowing n, y, g and p and that y = g^(x+n) mod p does not really give an advantage (above the discrete logarithm problem) in finding x. That said, I still would not suggest doing many more than a few of these (and I am not qualified to quantify that statement) but for a few-- i.e. keep n small and after n choose a new x and repeat-- it should be OK. Maybe this technique will allow you to "cheapen" your exchange a bit. I think throwing hardware at this problem is your best bet though. regards, Dan. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
