Re: Proposal for new DH Groups 6, 7, and 8

[Alexey Kirichenko <Alexey.Kirichenko@F-Secure.com>]

At 21:52 6.2.2000 +0200, Tero Kivinen wrote:
>Will Price writes:
>> I would like to propose three new DH Groups for IKE of 2048, 3072, and
>> 4096 bits.  This should adequately cover all foreseeable future needs.  I
>> have included documentation on the generation of these primes which were
>> originally generated for PGPfone, and there is an interesting story about
>> how they were generated at the end of this message.
>
>I think those primes should be generated in the same way the primes
>currently in the IKE are generated, i.e to have format of
>
>p = 2^n - 2^(n-64) - 1 + (floor(Pi*2^(n-130)) + t)*2^64,

What's so great about this format ? I'd love (but would be very
surprised) to see any proofs/arguments of useful properties
of primes generated in the specified way. References ?

>Also the primes must be verified to be really primes. Statistical
>methods are not enough (I think PGPfone only does statistical tests).

True. As we have plenty of time for primality testing in this particular
case, there is no reason for skipping EC-based primality testing.

Alexey

------------- End Forwarded Message -------------

---

Follow-Ups:

• Re: Proposal for new DH Groups 6, 7, and 8
• From: Tero Kivinen <kivinen@ssh.fi>

References:

• Proposal for new DH Groups 6, 7, and 8
• From: Will Price <wprice@cyphers.net>
• Proposal for new DH Groups 6, 7, and 8
• From: Tero Kivinen <kivinen@ssh.fi>

---

• Prev by Date: draft-ietf-mobileip-ipv6-09
• Next by Date: Re: Proposal for new DH Groups 6, 7, and 8
• Prev by thread: Proposal for new DH Groups 6, 7, and 8
• Next by thread: Re: Proposal for new DH Groups 6, 7, and 8
• Index(es):
  • Main
  • Thread