Displaying 2 results from an estimated 2 matches for "ffdh".
Did you mean:
ffdf
2015 May 26
8
Weak DH primes and openssh
...ory as the ECDH curve
selection discussion -- the theory you're suggesting is that some
safe-prime moduli could themselves have a backdoor that we don't know
about. Am i understanding you correctly?
I've been talking with several cryptographers for the last year about
finite-field DH (FFDH) and i haven't heard any suggestion that any of
them think there is likely to be such a class of backdoored moduli.
> yes, it would basically exclude the chance that the primes are backdoored,
> there's still the chance for the values to be composites
>
> for values to be used...
2015 May 26
2
Weak DH primes and openssh
On Tue 2015-05-26 12:57:05 -0400, Hubert Kario wrote:
> creating composites that will pass even 100000 rounds of Miller-Rabin is
> relatively simple....
> (assuming the values for M-R tests are picked randomly)
Can you point me to the algorithms for doing that? This would suggest
that we really do want primality proofs (and a good way to verify them).
Do those algorithms hold for