Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Sep 3 06:33:48 PDT 2015

Georgi Guninski <guninski at guninski.com> writes:

>Anyway, I would appreciate if someone checks if current implementations
>accept composite $q$.

Well, I think the problem will be finding any implementation of this at all,
or at least any that's still around now.

>What do you mean by DH certificate?

The static DH parameters need to be turned into a certificate by a CA.  I
don't know of any public CA that can issue these.


More information about the cypherpunks mailing list