IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
RE: DH group exchange (Re: SSH key algorithm updates)
mdb%juniper.net@localhost <mdb%juniper.net@localhost> writes:
>That said, I do not find any FIPS or NIST documents talking about Lim-Lee
>primes for use in FIPS certified systems.
Sure, because it post-dates the original NIST docs that specified the keygen.
The idea is that if you need FIPS validation you use the NIST generation
method, if you don't, you use any method that works, one obvious example being
Lim-Lee (same result but much quicker because you're generating lots of small
primes, particularly useful if you want to generate a new DH parameter set on
each handshake).
Since the verification process for both 186 and Lim-Lee generated values is
identical, you can verify the keys either way. So the spec would cover both
NIST and non-NIST options at the same time, depending on implementer
preference.
Peter.
Home |
Main Index |
Thread Index |
Old Index