Re: D-H key exchange - how does it work?
From: hughes@ah.com (Eric Hughes)
In addition, changing the modulus can have unpleasant effects on traffic analysis, if not done properly.
Of what sort?
For D-H, the modulus must be transmitted in the clear. Unless you use a different modulus for each conversation, there is a persistency to the moduli that gives rise to a pseudo-identity.
I don't follow this. If you never change the modulus (which is what it sounds like Eric was recommending), then isn't there an even greater persistency? Or is it the assumption that everyone uses the same modulus in that case? Hal
Or is it the assumption that everyone uses the same modulus in that case? Yes. Same modulus for all users. Not so bad a thing, really, although sometimes long-term secrecy is worth more than traffic analysis. Eric
participants (2)
-
Hal -
hughes@ah.com