Reply: Re: Two questions regarding Diffie-Hellman key exchange

oliver.hanka at gi-de.com oliver.hanka at gi-de.com
Mon Sep 17 16:09:44 WST 2007


Thank you very much! Exactly what I was looking for.

Have a nice day.
Oliver




Matt Johnston <matt at ucc.asn.au>
14.09.2007 17:21

To: oliver.hanka at gi-de.com
Cc: dropbear at ucc.asn.au
Subject: Re: Two questions regarding Diffie-Hellman key exchange






On Fri, Sep 14, 2007 at 05:11:46PM +0200, oliver.hanka at gi-de.com wrote:
> Hello,
> 
> I am currently working on my master-thesis, which involves implementing
> the SSH protocol on a smart-card. Therefore I am using dropbear as a non
> cpu and memory intensive blueprint.
>
> I am currently stuck with two questions regarding the Diffie-Hellman key
> exchange (SSH_MSG_KEXDH_INIT message). First of all, can you point me to a
> document where the prime number p (128Byte) is defined? Unfortunately the
> RFC 4253 (SSH Transport Layer) doesn't give a hint.

Take a look at section 6.2 of RFC 2409. The naming is a bit
of a shambles - I'm not sure why diffie-hellman-group1-sha1
actually refers to "Second Oakley Group".

> The next question I am puzzled with: How come the result (e) of the client
> side 'e = g^x mod p' calculation is a 133 Byte value? At least, that's
> what it looks like when I sniff the packet with wireshark (formerly
> ethereal). From my understanding, a modulo calculation with a 128 byte
> value should produce a result equal or less than 128 byte. Am I wrong?
> Are there additional bytes added to e, which the RFC 4253 doesn't mention?
> (the message is described in section 8, RFC 4252, jan 2006)

Have a look at section 5, rfc4251. mpints have a 4 byte
length, then may be padded by a byte if their most
significant bit is set.

Cheers,
Matt
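
The 133-byte figure discussed above, as an added example (not part of the original messages and not Dropbear's code): a 128-byte value with its top bit set goes on the wire as 4 length bytes, 1 zero pad byte and 128 value bytes. The function names are hypothetical, the sample value is constructed, and the decoder's rejection of negative or non-minimal encodings is an assumption about what a strict receiver of e would enforce, based on RFC 4251 section 5.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Encode a non-negative integer (big-endian magnitude) as an SSH mpint,
 * RFC 4251 section 5. Returns bytes written, or 0 if out is too small.
 * Function names here are hypothetical, not Dropbear's. */
size_t mpint_encode(const uint8_t *mag, size_t len, uint8_t *out, size_t cap)
{
    while (len > 0 && mag[0] == 0) { mag++; len--; }   /* minimal form */
    /* Top bit set: prepend 0x00 so the value is not read as negative. */
    size_t pad = (len > 0 && (mag[0] & 0x80)) ? 1 : 0;
    size_t body = len + pad;
    if (body > UINT32_MAX || cap < 4 || cap - 4 < body) return 0;
    out[0] = (uint8_t)(body >> 24); out[1] = (uint8_t)(body >> 16);
    out[2] = (uint8_t)(body >> 8);  out[3] = (uint8_t)body;
    if (pad) out[4] = 0x00;
    if (len) memcpy(out + 4 + pad, mag, len);
    return 4 + body;
}

/* Parse an mpint that must be non-negative (as DH values e and f are).
 * Returns bytes consumed and points mag/maglen at the magnitude inside
 * buf; returns 0 for truncated, negative or non-minimal input. */
size_t mpint_decode_unsigned(const uint8_t *buf, size_t buflen,
                             const uint8_t **mag, size_t *maglen)
{
    if (buflen < 4) return 0;
    uint32_t body = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                    ((uint32_t)buf[2] << 8) | buf[3];
    if (body > buflen - 4) return 0;                    /* truncated */
    const uint8_t *p = buf + 4;
    if (body > 0 && (p[0] & 0x80)) return 0;            /* negative */
    size_t pad = (body > 0 && p[0] == 0x00);            /* sign pad byte */
    if (pad && (body < 2 || !(p[1] & 0x80))) return 0;  /* needless zero */
    *mag = p + pad; *maglen = body - pad;
    return 4 + (size_t)body;
}

int main(void)
{
    uint8_t e[128], wire[140];
    memset(e, 0xAB, sizeof e);   /* constructed 128-byte value, top bit set */
    size_t padded = mpint_encode(e, sizeof e, wire, sizeof wire);
    e[0] = 0x7F;                 /* same length, top bit clear */
    printf("%zu %zu\n", padded, mpint_encode(e, sizeof e, wire, sizeof wire));
    return 0;
}
```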

