This is neither code not proper documentation.

author: miod <> 2015-02-09 04:12:34 +0000
committer: miod <> 2015-02-09 04:12:34 +0000
commit: fa8c678d25f7746616d3af7f521b37f8f8e24e0c (patch)
tree: 2fb51f202142be748eb57d5c3f49818c6aa4a360
parent: be7ab46f12a353205bcecf10b2bfc6e303253ef2 (diff)
download: openbsd-fa8c678d25f7746616d3af7f521b37f8f8e24e0c.tar.gz
openbsd-fa8c678d25f7746616d3af7f521b37f8f8e24e0c.tar.bz2
openbsd-fa8c678d25f7746616d3af7f521b37f8f8e24e0c.zip
14 files changed, 0 insertions, 314 deletions
diff --git a/src/lib/libcrypto/dh/dh1024.pem b/src/lib/libcrypto/dh/dh1024.pem
deleted file mode 100644
index 81d43f6a3e..0000000000
--- a/src/lib/libcrypto/dh/dh1024.pem
+++ /dev/null
@@ -1,5 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
-/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
-/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh192.pem b/src/lib/libcrypto/dh/dh192.pem
deleted file mode 100644
index 521c07271d..0000000000
--- a/src/lib/libcrypto/dh/dh192.pem
+++ /dev/null
@@ -1,3 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh2048.pem b/src/lib/libcrypto/dh/dh2048.pem
deleted file mode 100644
index 295460f508..0000000000
--- a/src/lib/libcrypto/dh/dh2048.pem
+++ /dev/null
@@ -1,16 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
-AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
-z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
-pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
-aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
-Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
-----END DH PARAMETERS-----
-----BEGIN DH PARAMETERS-----
-MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
-8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
-SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
-gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
-yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
-a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh4096.pem b/src/lib/libcrypto/dh/dh4096.pem
deleted file mode 100644
index 390943a21d..0000000000
--- a/src/lib/libcrypto/dh/dh4096.pem
+++ /dev/null
@@ -1,14 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
-vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
-TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
-bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
-rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
-EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
-bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
-W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
-ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
-NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
-jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh512.pem b/src/lib/libcrypto/dh/dh512.pem
deleted file mode 100644
index 0a4d863ebe..0000000000
--- a/src/lib/libcrypto/dh/dh512.pem
+++ /dev/null
@@ -1,4 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
-a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/example b/src/lib/libcrypto/dh/example
deleted file mode 100644
index 16a33d2910..0000000000
--- a/src/lib/libcrypto/dh/example
+++ /dev/null
@@ -1,50 +0,0 @@
-From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
-Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
-  (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
-Received: by minbne.mincom.oz.au id AA19958
-  (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
-Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
-          Wed, 27 Sep 1995 19:13:05 +1000
-Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
-          Wed, 27 Sep 1995 04:48:46 -0400
-Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
-Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
-Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14]) 
-          by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442 
-          for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
-Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1) 
-          id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
-Date: Mon, 25 Sep 1995 17:50:51 -0700
-From: Phil Karn <karn@qualcomm.com>
-Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
-To: cypherpunks@toad.com, ipsec-dev@eit.com
-Subject: Primality verification needed
-Sender: owner-cypherpunks@toad.com
-Precedence: bulk
-Status: RO
-X-Status: 
-Hi. I've generated a 2047-bit "strong" prime number that I would like to
-use with Diffie-Hellman key exchange. I assert that not only is this number
-'p' prime, but so is (p-1)/2.
-I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
-1.3.2 to test this number. This function uses the Miller-Rabin primality test.
-However, to increase my confidence that this number really is a strong prime,
-I'd like to ask others to confirm it with other tests. Here's the number in hex:
-72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
-fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
-a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
-fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
-3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
-ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
-56a05180c3bec7ddd5ef6fe76b1f717b
-The generator, g, for this prime is 2.
-Thanks!
-Phil Karn
diff --git a/src/lib/libcrypto/dh/generate b/src/lib/libcrypto/dh/generate
deleted file mode 100644
index 5d407231df..0000000000
--- a/src/lib/libcrypto/dh/generate
+++ /dev/null
@@ -1,65 +0,0 @@
-From: stewarts@ix.netcom.com (Bill Stewart)
-Newsgroups: sci.crypt
-Subject: Re: Diffie-Hellman key exchange
-Date: Wed, 11 Oct 1995 23:08:28 GMT
-Organization: Freelance Information Architect
-Lines: 32
-Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
-References: <458rhn$76m$1@mhadf.production.compuserve.com>
-NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
-X-NETCOM-Date: Wed Oct 11  4:09:22 PM PDT 1995
-X-Newsreader: Forte Free Agent 1.0.82
-Kent Briggs <72124.3234@CompuServe.COM> wrote:
->I have a copy of the 1976 IEEE article describing the
->Diffie-Hellman public key exchange algorithm: y=a^x mod q.  I'm
->looking for sources that give examples of secure a,q pairs and
->possible some source code that I could examine.
-q should be prime, and ideally should be a "strong prime",
-which means it's of the form 2n+1 where n is also prime.
-q also needs to be long enough to prevent the attacks LaMacchia and
-Odlyzko described (some variant on a factoring attack which generates
-a large pile of simultaneous equations and then solves them);
-long enough is about the same size as factoring, so 512 bits may not
-be secure enough for most applications.  (The 192 bits used by
-"secure NFS" was certainly not long enough.)
-a should be a generator for q, which means it needs to be
-relatively prime to q-1.   Usually a small prime like 2, 3 or 5 will
-work.  
-....
-Date: Tue, 26 Sep 1995 13:52:36 MST
-From: "Richard Schroeppel" <rcs@cs.arizona.edu>
-To: karn
-Cc: ho@cs.arizona.edu
-Subject: random large primes
-Since your prime is really random, proving it is hard.
-My personal limit on rigorously proved primes is ~350 digits.
-If you really want a proof, we should talk to Francois Morain,
-or the Australian group.
-If you want 2 to be a generator (mod P), then you need it
-to be a non-square.  If (P-1)/2 is also prime, then
-non-square == primitive-root for bases << P.
-In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
-If you want this, you should restrict your sieve accordingly.
-3 is a generator iff P = 5 (mod 12).
-5 is a generator iff P = 3 or 7 (mod 10).
-2 is perfectly usable as a base even if it's a non-generator, since
-it still covers half the space of possible residues.  And an
-eavesdropper can always determine the low-bit of your exponent for
-a generator anyway.
-Rich  rcs@cs.arizona.edu
diff --git a/src/lib/libssl/src/crypto/dh/dh1024.pem b/src/lib/libssl/src/crypto/dh/dh1024.pem
deleted file mode 100644
index 81d43f6a3e..0000000000
--- a/src/lib/libssl/src/crypto/dh/dh1024.pem
+++ /dev/null
@@ -1,5 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
-/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
-/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
-----END DH PARAMETERS-----
diff --git a/src/lib/libssl/src/crypto/dh/dh192.pem b/src/lib/libssl/src/crypto/dh/dh192.pem
deleted file mode 100644
index 521c07271d..0000000000
--- a/src/lib/libssl/src/crypto/dh/dh192.pem
+++ /dev/null
@@ -1,3 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
-----END DH PARAMETERS-----
diff --git a/src/lib/libssl/src/crypto/dh/dh2048.pem b/src/lib/libssl/src/crypto/dh/dh2048.pem
deleted file mode 100644
index 295460f508..0000000000
--- a/src/lib/libssl/src/crypto/dh/dh2048.pem
+++ /dev/null
@@ -1,16 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
-AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
-z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
-pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
-aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
-Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
-----END DH PARAMETERS-----
-----BEGIN DH PARAMETERS-----
-MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
-8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
-SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
-gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
-yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
-a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
-----END DH PARAMETERS-----
diff --git a/src/lib/libssl/src/crypto/dh/dh4096.pem b/src/lib/libssl/src/crypto/dh/dh4096.pem
deleted file mode 100644
index 390943a21d..0000000000
--- a/src/lib/libssl/src/crypto/dh/dh4096.pem
+++ /dev/null
@@ -1,14 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
-vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
-TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
-bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
-rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
-EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
-bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
-W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
-ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
-NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
-jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
-----END DH PARAMETERS-----
diff --git a/src/lib/libssl/src/crypto/dh/dh512.pem b/src/lib/libssl/src/crypto/dh/dh512.pem
deleted file mode 100644
index 0a4d863ebe..0000000000
--- a/src/lib/libssl/src/crypto/dh/dh512.pem
+++ /dev/null
@@ -1,4 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
-a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
-----END DH PARAMETERS-----
diff --git a/src/lib/libssl/src/crypto/dh/example b/src/lib/libssl/src/crypto/dh/example
deleted file mode 100644
index 16a33d2910..0000000000
--- a/src/lib/libssl/src/crypto/dh/example
+++ /dev/null
@@ -1,50 +0,0 @@
-From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
-Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
-  (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
-Received: by minbne.mincom.oz.au id AA19958
-  (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
-Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
-          Wed, 27 Sep 1995 19:13:05 +1000
-Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
-          Wed, 27 Sep 1995 04:48:46 -0400
-Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
-Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
-Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14]) 
-          by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442 
-          for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
-Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1) 
-          id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
-Date: Mon, 25 Sep 1995 17:50:51 -0700
-From: Phil Karn <karn@qualcomm.com>
-Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
-To: cypherpunks@toad.com, ipsec-dev@eit.com
-Subject: Primality verification needed
-Sender: owner-cypherpunks@toad.com
-Precedence: bulk
-Status: RO
-X-Status: 
-Hi. I've generated a 2047-bit "strong" prime number that I would like to
-use with Diffie-Hellman key exchange. I assert that not only is this number
-'p' prime, but so is (p-1)/2.
-I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
-1.3.2 to test this number. This function uses the Miller-Rabin primality test.
-However, to increase my confidence that this number really is a strong prime,
-I'd like to ask others to confirm it with other tests. Here's the number in hex:
-72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
-fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
-a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
-fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
-3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
-ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
-56a05180c3bec7ddd5ef6fe76b1f717b
-The generator, g, for this prime is 2.
-Thanks!
-Phil Karn
diff --git a/src/lib/libssl/src/crypto/dh/generate b/src/lib/libssl/src/crypto/dh/generate
deleted file mode 100644
index 5d407231df..0000000000
--- a/src/lib/libssl/src/crypto/dh/generate
+++ /dev/null
@@ -1,65 +0,0 @@
-From: stewarts@ix.netcom.com (Bill Stewart)
-Newsgroups: sci.crypt
-Subject: Re: Diffie-Hellman key exchange
-Date: Wed, 11 Oct 1995 23:08:28 GMT
-Organization: Freelance Information Architect
-Lines: 32
-Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
-References: <458rhn$76m$1@mhadf.production.compuserve.com>
-NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
-X-NETCOM-Date: Wed Oct 11  4:09:22 PM PDT 1995
-X-Newsreader: Forte Free Agent 1.0.82
-Kent Briggs <72124.3234@CompuServe.COM> wrote:
->I have a copy of the 1976 IEEE article describing the
->Diffie-Hellman public key exchange algorithm: y=a^x mod q.  I'm
->looking for sources that give examples of secure a,q pairs and
->possible some source code that I could examine.
-q should be prime, and ideally should be a "strong prime",
-which means it's of the form 2n+1 where n is also prime.
-q also needs to be long enough to prevent the attacks LaMacchia and
-Odlyzko described (some variant on a factoring attack which generates
-a large pile of simultaneous equations and then solves them);
-long enough is about the same size as factoring, so 512 bits may not
-be secure enough for most applications.  (The 192 bits used by
-"secure NFS" was certainly not long enough.)
-a should be a generator for q, which means it needs to be
-relatively prime to q-1.   Usually a small prime like 2, 3 or 5 will
-work.  
-....
-Date: Tue, 26 Sep 1995 13:52:36 MST
-From: "Richard Schroeppel" <rcs@cs.arizona.edu>
-To: karn
-Cc: ho@cs.arizona.edu
-Subject: random large primes
-Since your prime is really random, proving it is hard.
-My personal limit on rigorously proved primes is ~350 digits.
-If you really want a proof, we should talk to Francois Morain,
-or the Australian group.
-If you want 2 to be a generator (mod P), then you need it
-to be a non-square.  If (P-1)/2 is also prime, then
-non-square == primitive-root for bases << P.
-In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
-If you want this, you should restrict your sieve accordingly.
-3 is a generator iff P = 5 (mod 12).
-5 is a generator iff P = 3 or 7 (mod 10).
-2 is perfectly usable as a base even if it's a non-generator, since
-it still covers half the space of possible residues.  And an
-eavesdropper can always determine the low-bit of your exponent for
-a generator anyway.
-Rich  rcs@cs.arizona.edu
author	miod <>	2015-02-09 04:12:34 +0000
committer	miod <>	2015-02-09 04:12:34 +0000
commit	fa8c678d25f7746616d3af7f521b37f8f8e24e0c (patch)
tree	2fb51f202142be748eb57d5c3f49818c6aa4a360
parent	be7ab46f12a353205bcecf10b2bfc6e303253ef2 (diff)
download	openbsd-fa8c678d25f7746616d3af7f521b37f8f8e24e0c.tar.gz openbsd-fa8c678d25f7746616d3af7f521b37f8f8e24e0c.tar.bz2 openbsd-fa8c678d25f7746616d3af7f521b37f8f8e24e0c.zip

diff --git a/src/lib/libcrypto/dh/dh1024.pem b/src/lib/libcrypto/dh/dh1024.pem deleted file mode 100644 index 81d43f6a3e..0000000000 --- a/src/lib/libcrypto/dh/dh1024.pem +++ /dev/null
@@ -1,5 +0,0 @@
1	-----BEGIN DH PARAMETERS-----
2	MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
3	/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
4	/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
5	-----END DH PARAMETERS-----


diff --git a/src/lib/libcrypto/dh/dh192.pem b/src/lib/libcrypto/dh/dh192.pem deleted file mode 100644 index 521c07271d..0000000000 --- a/src/lib/libcrypto/dh/dh192.pem +++ /dev/null
@@ -1,3 +0,0 @@
1	-----BEGIN DH PARAMETERS-----
2	MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
3	-----END DH PARAMETERS-----


diff --git a/src/lib/libcrypto/dh/dh2048.pem b/src/lib/libcrypto/dh/dh2048.pem deleted file mode 100644 index 295460f508..0000000000 --- a/src/lib/libcrypto/dh/dh2048.pem +++ /dev/null
@@ -1,16 +0,0 @@
1	-----BEGIN DH PARAMETERS-----
2	MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
3	AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
4	z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
5	pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
6	aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
7	Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
8	-----END DH PARAMETERS-----
9	-----BEGIN DH PARAMETERS-----
10	MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
11	8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
12	SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
13	gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
14	yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
15	a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
16	-----END DH PARAMETERS-----


diff --git a/src/lib/libcrypto/dh/dh4096.pem b/src/lib/libcrypto/dh/dh4096.pem deleted file mode 100644 index 390943a21d..0000000000 --- a/src/lib/libcrypto/dh/dh4096.pem +++ /dev/null
@@ -1,14 +0,0 @@
1	-----BEGIN DH PARAMETERS-----
2	MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
3	vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
4	TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
5	bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
6	rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
7	EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
8	bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
9	W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
10	ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
11	NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
12	jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
13	-----END DH PARAMETERS-----
14


diff --git a/src/lib/libcrypto/dh/dh512.pem b/src/lib/libcrypto/dh/dh512.pem deleted file mode 100644 index 0a4d863ebe..0000000000 --- a/src/lib/libcrypto/dh/dh512.pem +++ /dev/null
@@ -1,4 +0,0 @@
1	-----BEGIN DH PARAMETERS-----
2	MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
3	a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
4	-----END DH PARAMETERS-----


diff --git a/src/lib/libcrypto/dh/example b/src/lib/libcrypto/dh/example deleted file mode 100644 index 16a33d2910..0000000000 --- a/src/lib/libcrypto/dh/example +++ /dev/null
@@ -1,50 +0,0 @@
1	From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
2	Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
3	(5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
4	Received: by minbne.mincom.oz.au id AA19958
5	(5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
6	Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
7	Wed, 27 Sep 1995 19:13:05 +1000
8	Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
9	Wed, 27 Sep 1995 04:48:46 -0400
10	Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
11	Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
12	Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14])
13	by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442
14	for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
15	Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1)
16	id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
17	Date: Mon, 25 Sep 1995 17:50:51 -0700
18	From: Phil Karn <karn@qualcomm.com>
19	Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
20	To: cypherpunks@toad.com, ipsec-dev@eit.com
21	Subject: Primality verification needed
22	Sender: owner-cypherpunks@toad.com
23	Precedence: bulk
24	Status: RO
25	X-Status:
26
27	Hi. I've generated a 2047-bit "strong" prime number that I would like to
28	use with Diffie-Hellman key exchange. I assert that not only is this number
29	'p' prime, but so is (p-1)/2.
30
31	I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
32	1.3.2 to test this number. This function uses the Miller-Rabin primality test.
33	However, to increase my confidence that this number really is a strong prime,
34	I'd like to ask others to confirm it with other tests. Here's the number in hex:
35
36	72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
37	fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
38	a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
39	fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
40	3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
41	ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
42	56a05180c3bec7ddd5ef6fe76b1f717b
43
44	The generator, g, for this prime is 2.
45
46	Thanks!
47
48	Phil Karn
49
50


diff --git a/src/lib/libcrypto/dh/generate b/src/lib/libcrypto/dh/generate deleted file mode 100644 index 5d407231df..0000000000 --- a/src/lib/libcrypto/dh/generate +++ /dev/null
@@ -1,65 +0,0 @@
1	From: stewarts@ix.netcom.com (Bill Stewart)
2	Newsgroups: sci.crypt
3	Subject: Re: Diffie-Hellman key exchange
4	Date: Wed, 11 Oct 1995 23:08:28 GMT
5	Organization: Freelance Information Architect
6	Lines: 32
7	Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
8	References: <458rhn$76m$1@mhadf.production.compuserve.com>
9	NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
10	X-NETCOM-Date: Wed Oct 11 4:09:22 PM PDT 1995
11	X-Newsreader: Forte Free Agent 1.0.82
12
13	Kent Briggs <72124.3234@CompuServe.COM> wrote:
14
15	>I have a copy of the 1976 IEEE article describing the
16	>Diffie-Hellman public key exchange algorithm: y=a^x mod q. I'm
17	>looking for sources that give examples of secure a,q pairs and
18	>possible some source code that I could examine.
19
20	q should be prime, and ideally should be a "strong prime",
21	which means it's of the form 2n+1 where n is also prime.
22	q also needs to be long enough to prevent the attacks LaMacchia and
23	Odlyzko described (some variant on a factoring attack which generates
24	a large pile of simultaneous equations and then solves them);
25	long enough is about the same size as factoring, so 512 bits may not
26	be secure enough for most applications. (The 192 bits used by
27	"secure NFS" was certainly not long enough.)
28
29	a should be a generator for q, which means it needs to be
30	relatively prime to q-1. Usually a small prime like 2, 3 or 5 will
31	work.
32
33	....
34
35	Date: Tue, 26 Sep 1995 13:52:36 MST
36	From: "Richard Schroeppel" <rcs@cs.arizona.edu>
37	To: karn
38	Cc: ho@cs.arizona.edu
39	Subject: random large primes
40
41	Since your prime is really random, proving it is hard.
42	My personal limit on rigorously proved primes is ~350 digits.
43	If you really want a proof, we should talk to Francois Morain,
44	or the Australian group.
45
46	If you want 2 to be a generator (mod P), then you need it
47	to be a non-square. If (P-1)/2 is also prime, then
48	non-square == primitive-root for bases << P.
49
50	In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
51	If you want this, you should restrict your sieve accordingly.
52
53	3 is a generator iff P = 5 (mod 12).
54
55	5 is a generator iff P = 3 or 7 (mod 10).
56
57	2 is perfectly usable as a base even if it's a non-generator, since
58	it still covers half the space of possible residues. And an
59	eavesdropper can always determine the low-bit of your exponent for
60	a generator anyway.
61
62	Rich rcs@cs.arizona.edu
63
64
65


diff --git a/src/lib/libssl/src/crypto/dh/dh1024.pem b/src/lib/libssl/src/crypto/dh/dh1024.pem deleted file mode 100644 index 81d43f6a3e..0000000000 --- a/src/lib/libssl/src/crypto/dh/dh1024.pem +++ /dev/null
@@ -1,5 +0,0 @@
1	-----BEGIN DH PARAMETERS-----
2	MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
3	/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
4	/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
5	-----END DH PARAMETERS-----


diff --git a/src/lib/libssl/src/crypto/dh/dh192.pem b/src/lib/libssl/src/crypto/dh/dh192.pem deleted file mode 100644 index 521c07271d..0000000000 --- a/src/lib/libssl/src/crypto/dh/dh192.pem +++ /dev/null
@@ -1,3 +0,0 @@
1	-----BEGIN DH PARAMETERS-----
2	MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
3	-----END DH PARAMETERS-----


diff --git a/src/lib/libssl/src/crypto/dh/dh2048.pem b/src/lib/libssl/src/crypto/dh/dh2048.pem deleted file mode 100644 index 295460f508..0000000000 --- a/src/lib/libssl/src/crypto/dh/dh2048.pem +++ /dev/null
@@ -1,16 +0,0 @@
1	-----BEGIN DH PARAMETERS-----
2	MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
3	AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
4	z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
5	pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
6	aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
7	Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
8	-----END DH PARAMETERS-----
9	-----BEGIN DH PARAMETERS-----
10	MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
11	8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
12	SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
13	gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
14	yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
15	a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
16	-----END DH PARAMETERS-----


diff --git a/src/lib/libssl/src/crypto/dh/dh4096.pem b/src/lib/libssl/src/crypto/dh/dh4096.pem deleted file mode 100644 index 390943a21d..0000000000 --- a/src/lib/libssl/src/crypto/dh/dh4096.pem +++ /dev/null
@@ -1,14 +0,0 @@
1	-----BEGIN DH PARAMETERS-----
2	MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
3	vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
4	TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
5	bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
6	rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
7	EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
8	bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
9	W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
10	ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
11	NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
12	jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
13	-----END DH PARAMETERS-----
14


diff --git a/src/lib/libssl/src/crypto/dh/dh512.pem b/src/lib/libssl/src/crypto/dh/dh512.pem deleted file mode 100644 index 0a4d863ebe..0000000000 --- a/src/lib/libssl/src/crypto/dh/dh512.pem +++ /dev/null
@@ -1,4 +0,0 @@
1	-----BEGIN DH PARAMETERS-----
2	MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
3	a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
4	-----END DH PARAMETERS-----


diff --git a/src/lib/libssl/src/crypto/dh/example b/src/lib/libssl/src/crypto/dh/example deleted file mode 100644 index 16a33d2910..0000000000 --- a/src/lib/libssl/src/crypto/dh/example +++ /dev/null
@@ -1,50 +0,0 @@
1	From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
2	Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
3	(5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
4	Received: by minbne.mincom.oz.au id AA19958
5	(5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
6	Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
7	Wed, 27 Sep 1995 19:13:05 +1000
8	Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
9	Wed, 27 Sep 1995 04:48:46 -0400
10	Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
11	Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
12	Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14])
13	by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442
14	for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
15	Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1)
16	id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
17	Date: Mon, 25 Sep 1995 17:50:51 -0700
18	From: Phil Karn <karn@qualcomm.com>
19	Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
20	To: cypherpunks@toad.com, ipsec-dev@eit.com
21	Subject: Primality verification needed
22	Sender: owner-cypherpunks@toad.com
23	Precedence: bulk
24	Status: RO
25	X-Status:
26
27	Hi. I've generated a 2047-bit "strong" prime number that I would like to
28	use with Diffie-Hellman key exchange. I assert that not only is this number
29	'p' prime, but so is (p-1)/2.
30
31	I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
32	1.3.2 to test this number. This function uses the Miller-Rabin primality test.
33	However, to increase my confidence that this number really is a strong prime,
34	I'd like to ask others to confirm it with other tests. Here's the number in hex:
35
36	72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
37	fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
38	a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
39	fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
40	3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
41	ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
42	56a05180c3bec7ddd5ef6fe76b1f717b
43
44	The generator, g, for this prime is 2.
45
46	Thanks!
47
48	Phil Karn
49
50


diff --git a/src/lib/libssl/src/crypto/dh/generate b/src/lib/libssl/src/crypto/dh/generate deleted file mode 100644 index 5d407231df..0000000000 --- a/src/lib/libssl/src/crypto/dh/generate +++ /dev/null
@@ -1,65 +0,0 @@
1	From: stewarts@ix.netcom.com (Bill Stewart)
2	Newsgroups: sci.crypt
3	Subject: Re: Diffie-Hellman key exchange
4	Date: Wed, 11 Oct 1995 23:08:28 GMT
5	Organization: Freelance Information Architect
6	Lines: 32
7	Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
8	References: <458rhn$76m$1@mhadf.production.compuserve.com>
9	NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
10	X-NETCOM-Date: Wed Oct 11 4:09:22 PM PDT 1995
11	X-Newsreader: Forte Free Agent 1.0.82
12
13	Kent Briggs <72124.3234@CompuServe.COM> wrote:
14
15	>I have a copy of the 1976 IEEE article describing the
16	>Diffie-Hellman public key exchange algorithm: y=a^x mod q. I'm
17	>looking for sources that give examples of secure a,q pairs and
18	>possible some source code that I could examine.
19
20	q should be prime, and ideally should be a "strong prime",
21	which means it's of the form 2n+1 where n is also prime.
22	q also needs to be long enough to prevent the attacks LaMacchia and
23	Odlyzko described (some variant on a factoring attack which generates
24	a large pile of simultaneous equations and then solves them);
25	long enough is about the same size as factoring, so 512 bits may not
26	be secure enough for most applications. (The 192 bits used by
27	"secure NFS" was certainly not long enough.)
28
29	a should be a generator for q, which means it needs to be
30	relatively prime to q-1. Usually a small prime like 2, 3 or 5 will
31	work.
32
33	....
34
35	Date: Tue, 26 Sep 1995 13:52:36 MST
36	From: "Richard Schroeppel" <rcs@cs.arizona.edu>
37	To: karn
38	Cc: ho@cs.arizona.edu
39	Subject: random large primes
40
41	Since your prime is really random, proving it is hard.
42	My personal limit on rigorously proved primes is ~350 digits.
43	If you really want a proof, we should talk to Francois Morain,
44	or the Australian group.
45
46	If you want 2 to be a generator (mod P), then you need it
47	to be a non-square. If (P-1)/2 is also prime, then
48	non-square == primitive-root for bases << P.
49
50	In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
51	If you want this, you should restrict your sieve accordingly.
52
53	3 is a generator iff P = 5 (mod 12).
54
55	5 is a generator iff P = 3 or 7 (mod 10).
56
57	2 is perfectly usable as a base even if it's a non-generator, since
58	it still covers half the space of possible residues. And an
59	eavesdropper can always determine the low-bit of your exponent for
60	a generator anyway.
61
62	Rich rcs@cs.arizona.edu
63
64
65