You might take a look at RFC 3526:

http://tools.ietf.org/html/rfc3526

It is my understanding that the DH exponent can be significantly
shorter than the modulus without compromising security.  RFC 3526 is
from 2003, but I haven't found anything published since then that
would make me think its assertions are invalid or outdated.  The
paranoid tinfoil hat crowd can probably take twice the maximum bit
count from section 8 (620x2=1240) and be happy.

Mike

On Mon, Apr 18, 2011 at 8:01 AM, ikuzar <razuk...@gmail.com> wrote:
> Hello,
> I 'd like to know the length of DH session key generated by
> DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) . Here :
> http://www.openssl.org/docs/crypto/DH_generate_key.html
> It is said that key must point to DH_size(dh) bytes of memory. is 128 bits
> the default length ? how can I adjust this length according the symetric-key
> algorithm I use ( AES128/ICM)
> Thanks for your help.
>
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to