Origin of DH modulus

Dwayne C. Litzenberger dlitz at dlitz.net
Fri Jul 18 14:07:03 UTC 2008


http://openid.net/specs/openid-authentication-2_0.html#pvalue states:

     Appendix B.  Diffie-Hellman Key Exchange Default Value

      This is a confirmed-prime number, used as the default modulus for 
      Diffie-Hellman Key Exchange. In hexadecimal:

      DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61E
      F75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D268370557
      7D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E382
      6634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB

Where did this number come from?  A quick Google search reveals nothing 
particularly enlightening.

When specifying constants for cryptographic protocols, it is customary to 
explain how the constant was arrived at so that people can be assured that 
they were not specially chosen to (for example) act as a backdoor.  See:

   http://en.wikipedia.org/wiki/Nothing_up_my_sleeve_number
   http://en.wikipedia.org/wiki/Dual_EC_DRBG

Ideally, this information should accompany the modulus in the OpenID spec 
itself.

-- 
Dwayne C. Litzenberger <dlitz at dlitz.net>
  Key-signing key   - 19E1 1FE8 B3CF F273 ED17  4A24 928C EC13 39C2 5CF7
  Annual key (2008) - 4B2A FD82 FC7D 9E38 38D9  179F 1C11 B877 E780 4B45