Proven Primes

[Ben Laurie]

Tero Kivinen wrote:
> Ben Laurie writes:
> 
>>Jack Lloyd wrote:
>>
>>>Check RFC 2412, draft-ietf-ipsec-ikev2-05.txt, and
>>>draft-ietf-ipsec-ike-modp-groups-05.txt
>>>However, I don't seen any primality proof certificates included in the
>>>texts.
> 
> 
> I considered adding the ecpp certificates to
> draft-ietf-ipsec-ike-modp-groups document, but as the certificates are
> several magabytes in total, there is no point of adding them to this
> kind of document (the document would be several hundred pages long
> consisting only numbers...). 
> 
> 
>>RFC 2412 looks good, however, as you say, no certificates are included, 
>>nor is it made clear that (p-1)/2 has been proven.
>>I-Ds are less useful to me, since I can't give a long-term reference for 
>>them :-(
> 
> 
> The draft-ietf-ipsec-ike-modp-groups used to have pointer to the ftp
> site having the certificates
> (ftp://ftp.ssh.fi/pub/ietf/ecpp-certificates), but that was removed
> during the IESG review, because url references are not stable enough
> in general (the ftp://ftp.ssh.fi/pub/ietf/ecpp-certificates site is
> supposed to be there forever).
> 
> That site also includes certificates of modp groups from the RFC 2412
> (and (p-1)/2 also).

Thanks.

> I actually just finished finding the 16384 bit Diffie-Helman group
> with same kind of parameters. It took about 9.5 months to generate.
> The 12288 bit group took only about 15 days to generate.

I have to admit to surprise at the time involved - what s/w are you 
using to do the generating?

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com