Re: I can has SHA-1 hashes for RFC 2409/3526 MODP groups?

To: "<tls%ietf.org@localhost>" <tls%ietf.org@localhost>, "ietf-ssh%netbsd.org@localhost" <ietf-ssh%netbsd.org@localhost>
Subject: Re: I can has SHA-1 hashes for RFC 2409/3526 MODP groups?
From: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Date: Fri, 7 Mar 2014 12:09:14 +0000

Geoffrey Keating <geoffk%geoffk.org@localhost> writes:

>I'd encourage you to do the derivation again: compute
>
>2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
>
>and verify that it's prime.

That assumes that (a) my calculation of that (what on earth is "{ [2^1918 pi]
+ 124476 }", for example?) will be correct, and (b) my overall calculations
will also be correct, which is more or less the thing I'm trying to avoid: I'd
like an independent check on the values so that if I've messed up anywhere, I
can detect it.  Getting a hash of the byte string seems to be the easiest way
to do this.

Speaking of doing the derivation again, do we know if anyone's actually tried
to reproduce the values given in the RFC?  I'm assuming it came from something
like Mathematica which I don't have directly available, and Mathics gives me,
for '2^2048 - 2^1984 - 1 + 2^64 * ((2^1918 * pi) + 124476)' the not terribly
helpful:

32317006071311007298962968279132820423223593024363796434440041316671543565873
440916351244591771371847086149164662580591029693953927426555290878070964232927
695481445976665844136502242593753417365574610202650424305468123288740527986069
345182600707793335155055488870009358517077286832777252562865057729531709228943
077561263607903104272439999956067085492978564938102680241320640398099496994465
906209396510474094085543397979368739086794572799533369234200999216018730602022
705374745273152831923492968543993770580612325275982255795197317429444934474851
545487458964741061916562950289834595688065052813922041488166690320547839+18446
744073709551616(124476+2374278629519728535136746592397124249767311765867127918
570023908264629157167400846877644685208027625404323721209699497484526969413701
467981853825962047983251924686564710804944458674372390943883621415233322481794
551936525204552984042331894647861447774178735086820277226677386425466403176594
780063984777699548807262435341787904726367875755303786443248143665183526702686
263900917281336138003954386069156827670111514514969010644898285176470534075324
491432175331619907825556678522705737282121499935633499250184851491021463412446
9728944541006176128457062647724487151147320327110918144pi)

which if fed to bc as:

32317006071311007298962968279132820423223593024363796434440041316671543565873
440916351244591771371847086149164662580591029693953927426555290878070964232927
695481445976665844136502242593753417365574610202650424305468123288740527986069
345182600707793335155055488870009358517077286832777252562865057729531709228943
077561263607903104272439999956067085492978564938102680241320640398099496994465
906209396510474094085543397979368739086794572799533369234200999216018730602022
705374745273152831923492968543993770580612325275982255795197317429444934474851
545487458964741061916562950289834595688065052813922041488166690320547839+18446
744073709551616*(124476+237427862951972853513674659239712424976731176586712791
857002390826462915716740084687764468520802762540432372120969949748452696941370
146798185382596204798325192468656471080494445867437239094388362141523332248179
455193652520455298404233189464786144777417873508682027722667738642546640317659
478006398477769954880726243534178790472636787575530378644324814366518352670268
626390091728133613800395438606915682767011151451496901064489828517647053407532
449143217533161990782555667852270573728212149993563349925018485149102146341244
69728944541006176128457062647724487151147320327110918144*pi)

is reported to be:

323170060713110072989629682791328204232235930243637964344400413166715435658734
409163512445917713718470861491646625805910296939539274265552908780709642329276
954814459766658441365022425937534173655746102026504243054681232887405279860693
451826007077933351550554888700093585170772868327772525628650577295317092289430
775612636079031042724399999560670854929785649381026802413206403980994969944659
062093965104740940855433979793687390867945727995333692342009992160187306020227
053747452731528319234929685439937705806123252759822557951973174294449344748515
45487458964741061916562950289834595688065052816218218403485760467501055

which is:

0xffffffffffffffff000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000001e63bffffffffffffffff

which isn't right.

Peter.

Follow-Ups:
- Re: I can has SHA-1 hashes for RFC 2409/3526 MODP groups?
  - From: Mouse

Prev by Date: Re: I can has SHA-1 hashes for RFC 2409/3526 MODP groups?
Next by Date: Re: I can has SHA-1 hashes for RFC 2409/3526 MODP groups?
Previous by Thread: Re: I can has SHA-1 hashes for RFC 2409/3526 MODP groups?
Next by Thread: Re: I can has SHA-1 hashes for RFC 2409/3526 MODP groups?
Indexes:

Home | Main Index | Thread Index | Old Index