
Re: Better key negotiations




What are "elliptic curves", Watson? I'm not a math master, I just know
how to do IT :D

~Andrew

Watson Ladd wrote:
> Jason Holt wrote:
>> On Fri, 1 Sep 2006, Watson Ladd wrote:
>
>>> I have a good idea for key negotiations (NOTE:UNPUBLISHED). Here it is:
>>> Let the server have a public key y=h^x mod p, p=2q+1, h=g^2, and private
>>> key x^-1 mod q, or z. (g is a generator).
>>>
>>> A client will send y^a and remember a. A server will send back
>>> h^b and remember b. The client will compute (h^b)^a. The server
>>> will compute (y^a)^(bz). We note that:
>>> (y^a)^(bz)=h^(ax*bz)=h^(abxz)=h^(ab)=(h^b)^a, as z and x are
>>> multiplicative inverses mod q. We further note that this is
>>> just Diffie-Hellman if we replace y with h^z,  a with a*x, and
>>> z with 1, b with b. So this is secure if DDH holds.
>>>
>>> I am not a cryptographer, so will someone please check this
>>> method. I have not found it anywhere.
>> Why would we use this instead of plain-vanilla Diffie-Hellman?
>
>> -J
>
> To authenticate the server to the client. I want to dispense with
> RSA as we are putting a critical egg into two baskets at once.
> Also, we can migrate to exotic DDH assumption groups if a
> breakthrough happens. Like GF(p^n), n>1, or elliptic curves.
>

--
Frivolous lawsuits. Unlawful government seizures. It's a scary world
out there!
Protect your privacy, keep what you earn, and even earn more income at:
http://www.KeepYourAssets.net/?andrew
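
The exchange quoted in this message, run with toy numbers as an added example (not code from any poster in the thread). The parameters p=2039, q=1019, g=7, the function names and the subgroup-membership check are assumptions of the example; it exercises the algebra only, showing that both sides agree when the server holds z and disagree when it does not.

```python
import secrets

# Constructed toy parameters, far too small for real use: safe prime p = 2q + 1.
P, Q = 2039, 1019
H = pow(7, 2, P)  # h = g^2 with g = 7 (assumed), so h has prime order q

def rand_exp():
    """Random exponent in [1, q-1]."""
    return secrets.randbelow(Q - 1) + 1

def in_subgroup(v):
    """Added check, not in the post: v must lie in the order-q subgroup, v != 1."""
    return 1 < v < P and pow(v, Q, P) == 1

def server_keygen():
    x = rand_exp()
    y = pow(H, x, P)       # public key  y = h^x mod p
    z = pow(x, -1, Q)      # private key z = x^-1 mod q
    return y, z

def client_hello(y):
    a = rand_exp()
    return a, pow(y, a, P)             # remember a, send y^a

def server_reply(z, client_msg):
    if not in_subgroup(client_msg):
        raise ValueError("client value outside the order-q subgroup")
    b = rand_exp()
    key = pow(client_msg, (b * z) % Q, P)   # (y^a)^(bz) = h^(ab)
    return pow(H, b, P), key                # send h^b, keep key

def client_finish(a, server_msg):
    if not in_subgroup(server_msg):
        raise ValueError("server value outside the order-q subgroup")
    return pow(server_msg, a, P)            # (h^b)^a = h^(ab)

def handshake(y, z):
    """Run one exchange; returns (client_key, server_key)."""
    a, c_msg = client_hello(y)
    s_msg, server_key = server_reply(z, c_msg)
    return client_finish(a, s_msg), server_key

if __name__ == "__main__":
    y, z = server_keygen()
    print("real server:", handshake(y, z))
    print("wrong z    :", handshake(y, z % (Q - 1) + 1))
```

With a wrong exponent z' the server computes h^(ab*x*z'), and since x*z' is not 1 mod q and h has prime order q, that value never equals the client's h^(ab).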
