Dwayne C. Litzenberger wrote:
> http://openid.net/specs/openid-authentication-2_0.html#pvalue states:
> 
>     Appendix B.  Diffie-Hellman Key Exchange Default Value
> 
>      This is a confirmed-prime number, used as the default modulus for 
>      Diffie-Hellman Key Exchange. In hexadecimal:
> 
>      DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61E
>      F75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D268370557
>      7D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E382
>      6634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB
> 
> Where did this number come from?  A quick Google search reveals nothing 
> particularly enlightening.
> 
> When specifying constants for cryptographic protocols, it is customary 
> to explain how the constant was arrived at so that people can be assured 
> that they were not specially chosen to (for example) act as a backdoor.  
> See:
> 
>   http://en.wikipedia.org/wiki/Nothing_up_my_sleeve_number
>   http://en.wikipedia.org/wiki/Dual_EC_DRBG
> 
> Ideally, this information should accompany the modulus in the OpenID 
> spec itself.
> 

Paul Crowley originally pulled a number out of /etc/ssh/moduli on his 
machine and checked it for prime-ness:

     http://lists.danga.com/pipermail/yadis/2005-June/000718.html

I've not checked to see if this is the same number (too lazy to convert 
huge hex to decimal) but even if it isn't I'd guess the number was 
probably found in a similar way.

Unfortunately, "I just picked this out of a file on my computer" isn't a 
great thing to cite in a specification.


_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
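
The check the reply above leaves undone (converting the hex value and testing it), as an added example that is not part of the original thread or of the OpenID spec: it parses the Appendix B modulus, runs Miller-Rabin with fixed bases, tests whether (p-1)/2 is also prime, and searches moduli(5)-style lines for the value. The function names are this example's own, and it assumes the hex modulus is the last field of each moduli line.

```python
# Hex lines copied from the Appendix B text quoted earlier in this thread.
SPEC_HEX = """
DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61E
F75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D268370557
7D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E382
6634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB
"""
# Fixed witnesses instead of random ones, so repeated runs give the same answer.
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def parse_modulus(text):
    """Join the wrapped hex lines and convert them to an integer."""
    return int("".join(text.split()), 16)

def is_probable_prime(n):
    """Miller-Rabin: False means composite, True means probably prime."""
    if n < 2:
        return False
    for b in BASES:                      # trial division by the small bases
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:                    # write n - 1 as d * 2**s with d odd
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                 # a is a witness that n is composite
    return True

def is_safe_prime(p):
    """True if p and (p - 1) / 2 both pass the primality test."""
    return is_probable_prime(p) and is_probable_prime((p - 1) // 2)

def in_moduli(p, lines):
    """Search moduli(5)-style lines (assumed: hex modulus is the last field)."""
    rows = (l.split() for l in lines if l.strip() and not l.startswith("#"))
    return any(int(fields[-1], 16) == p for fields in rows)

P = parse_modulus(SPEC_HEX)

if __name__ == "__main__":
    print(P.bit_length(), is_probable_prime(P), is_safe_prime(P))
    print(P)                             # the decimal form
```

Passing the lines of a local moduli file to `in_moduli(P, ...)` answers whether the spec's number appears in that particular file.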
