[497] in cryptography@c2.net mail archive
Re: State of discrete log attacks?
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Fri Apr 4 14:24:34 1997
To: cryptography@c2.net
In-reply-to: Your message of "Fri, 04 Apr 1997 10:21:42 PST."
<199704041821.KAA15435@servo.qualcomm.com>
Reply-To: perry@piermont.com
Date: Fri, 04 Apr 1997 14:23:10 -0500
From: "Perry E. Metzger" <perry@piermont.com>

Phil Karn writes:
> In the book "Internetwork Mobility: The CDPD Approach" by Taylor et al,
> they say that CDPD uses Diffie-Hellman key exchange with a 256-bit
> modulus. This seems awfully short.

Extremely short. Also, if they are using a constant prime modulus,
they are subject to Odlyzko-LaMacchia style attacks that would allow
very cheap breaks of any given exchange once a lot of precomputation
was done.
Perry
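
The amortization described in the reply above, as an added example that is not part of the original message: with a fixed modulus, the expensive work depends only on the group, so it is done once and every later exchange falls cheaply. The attacks named in the message use index-calculus precomputation; this sketch substitutes baby-step/giant-step on a constructed 31-bit toy prime (not CDPD's parameters) purely to show the one-time versus per-exchange cost split.

```python
from math import isqrt

# Constructed toy parameters (assumption, not CDPD's group):
# p = 2^31 - 1 is prime and 7 is a primitive root modulo p.
P = 2**31 - 1
G = 7


class FixedGroupTable:
    """Baby-step/giant-step table; depends only on (p, g), never on any key."""

    def __init__(self, p: int, g: int):
        self.p, self.g = p, g
        self.m = isqrt(p - 1) + 1
        self.baby = {}
        value = 1
        for j in range(self.m):            # one-time cost: m multiplications
            self.baby.setdefault(value, j)
            value = value * g % p
        self.giant = pow(g, -self.m, p)    # g^(-m) mod p, also key-independent
        self.precompute_steps = self.m

    def log(self, h: int):
        """Return (x, steps) with g^x == h (mod p), reusing the shared table."""
        gamma = h % self.p
        for i in range(self.m):
            if gamma in self.baby:
                return i * self.m + self.baby[gamma], i + 1
            gamma = gamma * self.giant % self.p
        raise ValueError("h is not in the subgroup generated by g")


def recover_shared_secret(table: FixedGroupTable, pub_a: int, pub_b: int):
    """Derive the DH shared secret from the two public values alone."""
    a, steps = table.log(pub_a)
    return pow(pub_b, a, table.p), steps


if __name__ == "__main__":
    table = FixedGroupTable(P, G)          # done once for the fixed modulus
    # Constructed private exponents for three independent exchanges.
    for a, b in [(123456789, 987654321), (31337, 2024), (1999999999, 42)]:
        secret, steps = recover_shared_secret(table, pow(G, a, P), pow(G, b, P))
        assert secret == pow(G, a * b, P)
        print(f"precompute={table.precompute_steps} per-exchange steps={steps}")
```

The design consequence is the one the message points at: the modulus must be large enough that the one-time, group-wide computation is itself out of reach, because sharing a single prime across all users concentrates the payoff of that computation.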