[12199] in cryptography@c2.net mail archive
RE: Implementation guides for DH?
daemon@ATHENA.MIT.EDU (Zulfikar Ramzan)
Wed Jan 1 18:17:09 2003
From: "Zulfikar Ramzan" <zramzan@ipdynamics.com>
To: "Adam Shostack" <adam@homeport.org>,
<cryptography@wasabisystems.com>
Date: Wed, 1 Jan 2003 15:07:50 -0800
In-Reply-To: <20030101185342.GA3000@lightship.internal.homeport.org>
Hi Adam --
Anton Stiglic has a paper on various security issues that arise in DH
implementations:
http://crypto.cs.mcgill.ca/~stiglic/Papers/dhfull.pdf
The paper not only considers number-theoretic attacks, but also looks at
other vulnerabilities (side-channel attacks, timing attacks, DoS, etc).
Section seven has a nice summary of various secure DH implementation
principles.
Hope this helps!
Regards,
Zully
P.S. If you come across any other pointers, please let me know.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Zulfikar Ramzan
IP Dynamics, Inc. http://www.ipdynamics.com
Secure, Scalable Virtual Community Networks
-----Original Message-----
From: owner-cryptography@wasabisystems.com
[mailto:owner-cryptography@wasabisystems.com]On Behalf Of Adam Shostack
Sent: Wednesday, January 01, 2003 10:54 AM
To: cryptography@wasabisystems.com
Subject: Implementation guides for DH?
I'm looking for a list of common implementation flaws in DH. Things
like: How to check the key the other side sends, what are acceptable
values for p, etc?
Any pointers?
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to
majordomo@wasabisystems.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
