[Ach] quick, basic DH question

Manuel Koschuch koschuch at gmx.net
Wed Nov 20 17:43:39 CET 2013

DH only uses prime (or the (multiplicative) group modulo that prime). We
need a prime p and a generator  g (i.e. an element of order p-1 i.e. a
value g less than p, s.t. g^(p-1) mod p == 1 mod p).

And usually when talking about bitlengths one either means the length of n
(=p*q) in the case of RSA, or p (in the case of DH)


On Wed, Nov 20, 2013 at 5:33 PM, christian mock <cm at coretec.at> wrote:

> So, is the number of bits that's given for DH params the number of
> bits of one of the two primes? While with RSA, we talk about the size
> of the product of two primes?
> Because then 512 bit DH would be about as strong as 1024 bit RSA...
> Or am I completely confused?
> cm.
> --
> Christian Mock                          Wiedner Hauptstr. 15
> Senior Security Engineer                1040 Wien
> CoreTEC IT Security Solutions GmbH      +43-1-5037273
> FN 214709 z
> .-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
> CoreTEC: Web Application Audit - Damit so etwas nicht passiert!
> http://heise.de/-1260559
> .-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20131120/60348478/attachment.html>

More information about the Ach mailing list