I'm not 100% sure I'm following you because of your choice of terminology,
but here goes:

> Yes, I do understand the DH exchange process. But with respect to the
> OpenSSL DH Library usage, let's say I and another party have fixed p & g.
> I calculate X using DH_generate_key() (I get a different X every time for
> the same p & g, is that okay?). And later I receive the other party's Y
> (which never changes by the way) and use it to calculate the secret key
> and is different every time. So my comparison against their shared secret
> key fails.

        What are you comparing to the shared secret key? If you use a different X
and they use the same Y, then the shared secret will be different. But both
ends will agree on it.

        For any X and any Y, 'X^Y mod p' will still equal 'Y^X mod p'. So if one
side picks a new X and the other side uses the same Y, the shared secret
will change, but it will still be shared.

        DS
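
The situation discussed in this exchange, modelled as an added example (not code from the original post or from OpenSSL): one side keeps a static key pair while the other generates a fresh one per session, so the shared secret changes every session but both ends still agree on it. It uses plain modular arithmetic rather than the OpenSSL API; `P`, `G` and the function names are constructed for illustration, and the parameters are far too small for real use.

```python
import secrets

# Constructed toy parameters for illustration only (not a secure group).
P = 2**127 - 1   # a Mersenne prime
G = 3

def generate_key(p=P, g=G):
    """Return (private, public). A fresh random private exponent is drawn on
    every call, which is why the public value differs each time."""
    priv = secrets.randbelow(p - 3) + 2      # 2 <= priv <= p - 2
    return priv, pow(g, priv, p)

def compute_secret(peer_pub, priv, p=P):
    """Shared secret = peer_pub^priv mod p, after a basic range check
    that rejects the degenerate public values 0, 1 and p - 1."""
    if not 1 < peer_pub < p - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_pub, priv, p)

def run_sessions(n=3):
    """The peer keeps one static key pair; we generate a new pair per session.
    Returns a list of (our_secret, peer_secret), one tuple per session."""
    peer_priv, peer_pub = generate_key()     # peer's public value never changes
    results = []
    for _ in range(n):
        our_priv, our_pub = generate_key()   # ours is different every session
        ours = compute_secret(peer_pub, our_priv)
        # The peer must be given our *current* public value; a secret
        # computed from an earlier session's value will not match.
        theirs = compute_secret(our_pub, peer_priv)
        results.append((ours, theirs))
    return results

if __name__ == "__main__":
    for i, (ours, theirs) in enumerate(run_sessions()):
        print(f"session {i}: agree={ours == theirs} secret={ours:x}")
```

A comparison fails when one end reuses a secret, or a public value, saved from an earlier session instead of recomputing it from the value sent in the current one.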


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
