On 02/11/2014 09:19 AM, Leon Brits wrote: > In a test I have three DH key pairs generated from the IKE groups 14,15 and > 16 paramters. [...] > It seems the private key must be the same or larger to succeed. > Is this correct: Can the public key not be larger than the private key?
There shouldn't be any such requirement. If anything, i'd expect the
requirement to work the other way around, since there are some popular
DH key agreement schemes that encourage the use of short secret keys
("short exponents"), e.g. SSH [0]
Can you provide the source for the problem that you're running into?
maybe there are other problems with it that someone on the list could
identify.
--dkg
[0] https://tools.ietf.org/html/rfc4419#section-6.2
signature.asc
Description: OpenPGP digital signature
