From: rcain@netcom.com (Robert Cain)
To: cypherpunks@toad.com (cypherpunks)
Message Hash: bf163946ec43f16782666df4ab3b0c1b04fd52f3281b083cdde6cfb83850c845
Message ID: <199402090016.QAA22965@mail.netcom.com>
Reply To: <199402071555.KAA04653@snark>
UTC Datetime: 1994-02-09 00:17:02 UTC
Raw Date: Tue, 8 Feb 94 16:17:02 PST
Subject: Re: Some stuff about Diffie-Hellman (and more :-)
Perry E. Metzger sez:
>
> Indeed, a paper has been published on how to break Sun Secure RPC
> based on the idiotic decision by someone at Sun to standardise the
> modulus used. It is basically a matter of precomputing a lot of data
> based on the numbers which allows you to break any particular discrete
> log in that field on the fly. The suggestion by Mr. Cain to use a
> single generator and modulus for all traffic is astonishingly naive.
Now wait a minute, Perry. If a device is going to use other than a
set of known moduli or even just one, how are two devices going to each
know what the other is using without a listener knowing? I think it is
pretty much agreed that devices that use "secret" numbers are not very
practical. What you say seems to indicate that D-H as we know and
love it has been rendered obsolete because it depends on the modulus
being known. What am I missing?
Peace,
Bob
--
Bob Cain rcain@netcom.com 408-354-8021
"I used to be different. But now I'm the same."
--------------PGP 1.0 or 2.0 public key available on request.------------------
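
Added example, not part of the original message or of the paper Perry mentions: a toy Python sketch of the precomputation idea in the quoted paragraph, where work done once for a shared modulus is reused against every session that uses it. It uses baby-step giant-step as a stand-in technique; P, G, the function names and the session secrets are constructed assumptions, and P is far too small for real use.

```python
import math

# Constructed toy parameters: one public (P, G) pair shared by every device.
P = 2**31 - 1   # small Mersenne prime, chosen only so the demo runs quickly
G = 7

def precompute(p, g):
    """One-time work that depends only on the shared (p, g), not on any session."""
    m = math.isqrt(p - 1) + 1          # m*m > p-1 covers every possible exponent
    baby = {}
    e = 1
    for j in range(m):
        baby.setdefault(e, j)          # table entry: g^j mod p -> j
        e = e * g % p
    giant = pow(g, -m, p)              # g^(-m) mod p (Python 3.8+)
    return m, baby, giant

def dlog(h, p, table):
    """Per-session work: find x with g^x == h (mod p) by reusing the table."""
    m, baby, giant = table
    gamma = h % p
    for i in range(m):
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * giant % p      # strip another factor of g^m
    return None                        # h is not a power of g

def recover_shared_key(A, B, p, table):
    """What a passive listener derives from the two public values A and B."""
    x = dlog(A, p, table)
    return None if x is None else pow(B, x, p)

if __name__ == "__main__":
    table = precompute(P, G)           # paid once for the shared modulus
    # Constructed sessions: (a, b) are the two parties' private exponents.
    for a, b in [(123456789, 987654321), (42, 2000000000)]:
        A, B = pow(G, a, P), pow(G, b, P)
        real = pow(B, a, P)
        print(real == recover_shared_key(A, B, P, table))
```

The table costs about sqrt(P) multiplications once; each session then costs at most another sqrt(P), and the same table serves every session on that modulus. Giving each deployment its own sufficiently large public modulus removes the shared target without requiring any secret parameters.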