CDR: StoN, Diffie-Hellman, other junk..

Wed Sep 6 21:45:04 PDT 2000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

First, I gotta say.. only been back on the list a day or two and the Signal 
to Noise seems to have gotten nearly out of hand.. I don't know what 
cypherpunks has to do with trying to listen in on cordless phone calls, or 
how to give someone drugs.. but anyway.. something on topic.. :)

I wrote a UDP based encrypted chat program a while back.. it worked well, 
but I saw the following drawbacks..

1) It used secret keys that had to be shared beforehand through a prior 
secure channel.
2) Being UDP based, I was forced to operate the ciphers in ECB instead of 
CBC mode, just in case any of the packets got lost.

To make the application more robust, I have started rewriting it to use TCP 
instead.  It is still a peer-peer network, requiring no dedicated servers.. 
while this increases overhead somewhat, I think it's worth it to keep the 
system from relying on one particular server, or a group of them.  You 
simply add the IP of the people you want to receive your messages to your 
list.  If someone adds you, when you receive a message from them, it adds 
them to your list automatically.  Downside is currently that everyone must 
maintain an active TCP connection to everyone else.. but it's not meant to 
be a replacement for IRC or anything like that, just a secure way to chat 
and transfer other data such as files or voice.

I have also decided to get rid of the key sharing mechanism, and instead 
utilize D/H to generate a KEK, then transfer a 4096bit data block from the 
initiating client to the serving client (I'll refer to them as C/S where 
their role is appropriate, but keep in mind there is no real "server".. 
much like gnutella or similar systems, every client is a server, and every 
server a client.) to serve as a master key.  The first N bits are used 
depending on which cipher is negotiated/selected, up to the max supported 
by my implementation of each cipher.

Now, my main question about D/H is quite simple.. what is considered a 
"good" size for the prime and primitive used, in bits?  Obviously something 
somewhat large, but how large is large enough?  64bits?  Less or more?  I 
can't find much information on this anywhere, and my copy of Applied 
Cryptography (2nd ed.) while covering D/H in detail, doesn't even mention this.

An aside is that I'm writing the application in Delphi 5, and the maximum 
native supported integer sizes are 32bit unsigned, and 64bit signed.. I've 
been writing a math library of my own in assembler that at compile time 
will allow you to specify the maximum bitsize you want it to support, but 
this is proving to be a mind-numbing task.. ;)  If anyone is familiar with 
Delphi and has any libraries like this already, I'd much appreciate hearing 
about them.. or even some a web resource or paper Real Book (tm) resource 
that explains in abstract terms how to go about something like this would 
be appreciated.

I had more to write.. but I'm exhausted.. fun crypting to everyone.. ;)

- -------signature file-------

"'There comes a time when the operation of the machine
becomes so odious, makes you so sick at heart, that you
can't take part; you can't even passively take part, and
you've got to put your bodies upon the gears and upon the
wheels, upon the levers, upon all the apparatus, and you've
got to make it stop. And you've got to indicate to the people
who run it, to the people who own it, that unless you're free,
the machine will be prevented from working at all!"
- -Mario Savio-  Founder of the Free Speech Movement.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBObcdUGvp1znMxX/XEQJ5RgCg0Z373RKrBi7fdVYgpUkulwmWcgUAoOia
FifEVZ1Wp7PPH/XwBMeMCsID
=kn5M
-----END PGP SIGNATURE-----