Re: pubkeys for p and g

2003-06-30 Thread martin f krafft
also sprach Arnold G. Reinhold [EMAIL PROTECTED] [2003.06.29.0424 +0200]:
 I am not sure I understand. How does this relate to my question?
 
 Where does the other factor come from?
 
 I got the impression, and maybe I misunderstood, that you were 
 viewing a product of two primes aA, where a was the private part= and 
 A was the public part.  That is not how RSA works. The produce aA is 
 the public key. Either factor can be the private part.

Oh, I get it. No, that was my bad. aA and bB are simply the
private/Public keypairs for A and B. Yeah, yeah, I know. Algebra is
always haunting me...

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED]
 
invalid PGP subkeys? use subkeys.pgp.net as keyserver!
 
our destiny exercises its influence over us even when, as yet,
 we have not learned its nature; it is our future that lays down the law
 of our today.
 - friedrich nietzsche


pgp0.pgp
Description: PGP signature


Re: pubkeys for p and g

2003-06-27 Thread Peter Fairbrother
martin f krafft wrote:

 also sprach Peter Fairbrother [EMAIL PROTECTED] [2003.06.27.1903 +0200]:
 Can you give me a ref to where they say that? I'd like to know
 exactly what they are claiming.
 
 this will have to wait a couple of days.
 
 Perhaps they are encrypting the DH secrets with RSA keys to provide some
 recipient authentication?
 
 nope.
 
 Or perhaps they are using DH instead of RSA for their public keys?
 
 nope.

Hmmm.

It's not exactly DH, but if you used the e of a RSA key as g, and the N as
p, that would actually work. It's only one RSA key tho'.


-- 
Peter Fairbrother


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: pubkeys for p and g

2003-06-27 Thread Nomen Nescio
martin f krafft writes:
 My point was that some commercial vendors (Check Point and others)
 claim, that if two partners want to perform a DH key exchange, they
 may use their two public keys for g and p. This, in effect, would
 mean that g and p were not globally known, but that the public keys
 are used in their place.
 ...
 We are writing a book and simply want to have some backup. I am
 almost sure that Check Point is bullshitting (wouldn't be the first
 time), so unless anyone has actually heard of this possibility, I am
 going to write this down and influence a thousand people, basically
 claiming that Check Point is wrong.

Do you have a reference to what exactly Check Point says about this?
Maybe you are misunderstanding or misinterpreting them.  If you could
quote it here verbatim (or provide a link if it is online) we might be
able to understand their claim better.  It would be wise to make sure
it is not a simple misunderstanding before you put something critical
about them in your book.

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: pubkeys for p and g

2003-06-26 Thread Anton Stiglic
I'm not certain I understand your questions, but here are some answers (I
think).
In the DH protocol you have what we call public parameters, p and g.
p is a large prime integer, which defines a group Z*p, g is a generator
which
defines a subgroup in Z*p.
You can use fix values for p an g.
Now, participants will choose private and public keys.  The private key
is simply chosen as a random number x, whose value is between 1 and
p-1.   The public key associated to x will be y = g^x mod p.
Participants keep x secret and y is public.
You can say that (y, g, p) is the public key, or simply say that y is the
public
key if g and p (the public parameters) are implicitly known.
Participants can choose a different x and associated y on each execution
of the protocol, or have long term private public key pairs.

--Anton


The Check Point Firewall-1 Docs insist, that the public keys be used
for p and g for the Oakley key exchange. I ask you: is this
possible?

  - which of the two pubkeys will be p, which g?
  - are they both always primes?
  - are they both always suitable generators mod p?

It just seems to me that Check Point isn't entirely sure themselves
here. I'd appreciate a short cleanup...

To my knowledge, g and p are globally defined, either in DH Groups
(which are nothing but pre-defined g's and p's, right?), or
otherwise set constant. Am I wrong about this?

Thanks.


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DH: pubkeys for p and g

2003-06-25 Thread martin f krafft
The Check Point Firewall-1 Docs insist, that the public keys be used
for p and g for the Oakley key exchange. I ask you: is this
possible?

  - which of the two pubkeys will be p, which g?
  - are they both always primes?
  - are they both always suitable generators mod p?

It just seems to me that Check Point isn't entirely sure themselves
here. I'd appreciate a short cleanup...

To my knowledge, g and p are globally defined, either in DH Groups
(which are nothing but pre-defined g's and p's, right?), or
otherwise set constant. Am I wrong about this?

Thanks.

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED]
 
invalid PGP subkeys? use subkeys.pgp.net as keyserver!
 
one should never do anything that
 one cannot talk about after dinner.
-- oscar wilde


pgp0.pgp
Description: PGP signature