Possible crypto backdoor in RFC-2631 Diffie-Hellman Key Agreement Method

Georgi Guninski guninski at guninski.com
Sat Sep 5 08:25:32 PDT 2015

On Sat, Sep 05, 2015 at 03:21:30PM +0000, Alfonso De Gregorio wrote:
> On Sat, Sep 5, 2015 at 3:02 PM, Georgi Guninski <guninski at guninski.com> wrote:
> ...
> >> I'm concerned with Fixed Diffie-Hellman implemented properly.
> >>
> >
> > Do you have example of application which distinguishes proper DH from
> > non-proper DH?
> I'm confused. What do you mean by proper DH vs non-proper DH? Are you
> referring to the performance of group parameters validation or lack of
> the same, or something else?

I mean: non-proper DH is implementation which doesn't return
error/aborts if $q$ is composite. $q$ is defined in the RFC.

More information about the cypherpunks mailing list