
Re: Diffie Hellman

From: Jiandong Guo <jguo@phaos.com>
Date: Fri, 15 Feb 2002 17:27:06 -0500
Message-ID: <3C6D8B39.C149A265@phaos.com>
To: merlin <merlin@baltimore.ie>
CC: xml-encryption@w3.org

Merlin,

I raised this question before
(http://lists.w3.org/Archives/Public/xml-encryption/2002Jan/0019.html).

I suggest using X9.42 for Diffie-Hellman public keys for two reasons:

1. The X9.42 variant of the Diffie-Hellman key is what is used in PKIX X.509
certificates.

2. From a security point of view, PKCS#3 is outdated. The security of the
Discrete Logarithm problem underlying Diffie-Hellman relies not only on the
size of the prime p and the size of the subgroup generated by the "generator"
g in GF(p), but also on the size of the maximal prime factor of the order of
this subgroup, because of the Pohlig-Hellman algorithm. The appearance of the
prime number q in X9.42 serves this purpose.

Jiandong

merlin wrote:

> Hi,
>
> The Diffie Hellman part of the spec is somewhat ambiguous at the moment:
>
> . It is not clear whether PKCS#3 or X.942 should be used. The reference
>   suggests the latter; the public key encoding suggests the former.
>
> . Keying material generation is somewhat ambiguous; the examples suggest
>   algorithm first, the language suggests ZZ first; the examples suggest
>   the counter is one byte, the language suggests two hexadecimal digits.
>
> Any guidance so we can nail down DH interop?
>
> Thanks, Merlin
Received on Friday, 15 February 2002 17:20:01 GMT