Julian schrieb:
As I understand it the prime inportance for DH parameters is that no attacker can trick you into using a special set of parameters. Insofar I'd see no problem embedding DH parameters in code, because if an attacker can modify your code than you'll have bigger problems than DH parameters.Hi,I am working on an application that is both a client and a server. The DH prime is stored in the binary for the server. Since the Server will exists inside the Client is there a considerable risk of embedding the DH p into the code? The alternative is to have the Server generate a 1024 bit prime when the Client starts it's Server portion, however as we know this is painfully slow.Thanks, J
Any other opinions? Hope it helps, Ted ;) -- PGP Public Key Information Download complete Key from http://www.convey.de/ted/tedkey_convey.asc Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26
smime.p7s
Description: S/MIME Cryptographic Signature