Although the generator g can be any number, it is typically 2 or 5. In fact, this is all that OpenSSL supports (values 2 or 5 for g). The typical situation is this:
(1) Alice and Bob generate random secret values a and b. If a or b happen to be prime, that is fine - but they need not be.
(2) Alice sends Bob A = g^a (mod p) and Bob sends Alice B = g^b (mod p).
(3) Alice calculates S = B^a (mod p) and Bob calculates S = A^b (mod p) and they are both left with the secret S.

The key thing to notice is that the DH parameters are *public*. That means that the modulus and generator can be known by anyone without compromising the integrity of the DH transaction.

I've generated a few 8192-bit moduli using openssl, and those jobs tend to take about 3 days to complete on a 2.4GHz core. If you need a large modulus, say 4096 bits or higher, you're best off generating it once on a fast machine and embedding it in your application as a byte array.

On Tue, Mar 22, 2011 at 5:12 PM, ikuzar <razuk...@gmail.com> wrote:
> Hello,
> I'd like to know:
> 1) if exponent x in g^x must be a great prime number. In some docs I saw, it
> is said that x must be a GREAT number but no information about primality ..
> 2) May generation of 'x' run for hours like related here:
> http://www.openssl.org/docs/crypto/DH_generate_parameters.html (in NOTES)
> Thanks for your help.
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
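The split described in the reply, as an added example that is not part of the original message and not OpenSSL's code: the slow, one-time step is the search for a safe prime p (the kind of search DH_generate_parameters performs), while each exchange only needs a fresh random exponent that does not have to be prime. The function names, the toy 256-bit size and the range check on the peer's public value are assumptions of this sketch and go beyond what the message states.

```python
import secrets

def is_probable_prime(n, rounds=32):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # a proves n composite
    return True

def generate_safe_prime(bits):
    """Slow, one-time step: find p such that p and (p-1)/2 are both prime."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1

def keypair(p, g):
    """Per-exchange step: secret x is uniform in [2, p-2]; primality is irrelevant."""
    x = secrets.randbelow(p - 3) + 2
    return x, pow(g, x, p)

def shared_secret(peer_public, own_secret, p):
    """Reject degenerate peer values (0, 1, p-1 and anything >= p) first."""
    if not 2 <= peer_public <= p - 2:
        raise ValueError("peer public value out of range")
    return pow(peer_public, own_secret, p)

if __name__ == "__main__":
    p, g = generate_safe_prime(256), 2   # toy size for the demo; p and g are public
    a, A = keypair(p, g)                 # Alice: secret a, public A = g^a mod p
    b, B = keypair(p, g)                 # Bob:   secret b, public B = g^b mod p
    assert shared_secret(B, a, p) == shared_secret(A, b, p)
    print("secrets agree; is a prime?", is_probable_prime(a))
```

The search time grows steeply with the bit length because both q and 2q+1 must pass the primality test, which is why large parameters are generated once and reused.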