On Wed, Sep 25, 2002 at 08:49:47AM -0400, John O Goyo wrote:
Certicom has intellectual property rights relating to safe primes in DH [...]
+ Certicom has intellectual property rights relating to the use of safe primes
+ in the DH key-exchange, including US patent 5,933,504 and pending US
+ and non-US applications, [...]
Can you elaborate? US patent 5,933,504 was filed in 1997, and using
safe primes for DH was not new back then.
URL:http://groups.google.com/groups?selm=2odko3%24jsf%40qualcomm.comoutput=gplain
From: [EMAIL PROTECTED] (Phil Karn)
Newsgroups: sci.crypt
Subject: Re: Searching for primes
Date: 12 Apr 1994 08:05:23 GMT
Organization: 843rd Bomb Wing, Burpelson AFB
Lines: 18
Distribution: world
Message-ID: 2odko3$[EMAIL PROTECTED]
References: [EMAIL PROTECTED] 2numd7$[EMAIL PROTECTED]
[EMAIL PROTECTED] [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
NNTP-Posting-Host: unix.ka9q.ampr.org
I'm following this discussion with interest because I'm currently
generating some prime moduli for use with Diffie-Hellman. (DH is now
included in RSAREF, so I'm using it as the basis of an experimental IP
security protocol).
My understanding of the criteria for a DH modulus p is that both p and
(p-1)/2 should be prime, i.e, p should be a strong prime.
I know that strong primes are no longer thought to be required for RSA
key generation, but I understand that they're still a good idea for
DH, which depends on the discrete logarithm problem rather than
factoring (see LaMacchia's and Odlyzko's 1991 paper on discrete
logarithms, URL http://martigny.ai.mit.edu/~bal/field.ps).
Is this still the current consensus?
Phil
--
Bodo Möller [EMAIL PROTECTED]
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]