5 Sep 2015, 5:07 p.m.
On Sat, Sep 05, 2015 at 07:41:11AM +0000, Alfonso De Gregorio wrote:
Sure, the questions are: What is the origin of the current wording of the standard, that opens an avenue for lax checks for group parameters? Or, if, as you correctly pointed out, an implementation MAY NOT check group parameters, which entity deserves credit for it?
IMHO I haven't demonstrated an attack against DH yet (I believe it is possible). The current examples are against DSA, not DH.