[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New 12288 and 16384 bit groups

To: ipsec@lists.tislabs.com
Subject: Re: New 12288 and 16384 bit groups
From: Tero Kivinen <kivinen@ssh.fi>
Date: Sat, 15 Mar 2003 21:44:58 +0200
CC: trevp@trevp.net
Organization: Helsinki University of Technology
References: <5.2.0.9.0.20030313161341.02e2bd30@postoffice.pacbell.net>
Sender: owner-ipsec@lists.tislabs.com

trevp@trevp.net (Trevor Perrin) writes:
> Out of curiosity, are the primes currently in 
> draft-ietf-ipsec-ike-modp-groups-05 proven to be safe primes (of the form 
> N=2q+1, where q is prime), or just proven to be prime?

All the groups in the draft-ietf-ipsec-ike-modp-groups-05 are proven
to be safe primes (i.e both the p and the (p - 1) / 2 are proven to be
prime). The ECPP/primo certificates can be found at
http://ftp.ssh.com/pub/ietf/ecpp-certificates/ (that url used to be in
the draft, but was removed because url's are not stable enough to be
used as references (that url is going to be stable :-)). 
-- 
kivinen@ssh.fi
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

Follow-Ups:
- Re: New 12288 and 16384 bit groups
  - From: Alan Barrett <apb@cequrux.com>

References:
- Re: New 12288 and 16384 bit groups
  - From: Trevor Perrin <trevp@trevp.net>

Prev by Date: Re: Another field for traffic selector?
Next by Date: RE: "Me Tarzan, You Jane" in IKEv2-05
Prev by thread: Re: New 12288 and 16384 bit groups
Next by thread: Re: New 12288 and 16384 bit groups
Index(es):
- Date
- Thread