Re: A little OT: Diffie Hellman Exchange and Encryption on Cisco Routers
On Fri, Aug 01, 2003 at 11:08:29AM -0700, Jeremy Junginger wrote:
> In reading about Diffie Hellman Exchanges and Symmetric Encryption between
You don't seem to understand how Diffie-Hellman actually works. If
we're talking about IKE, the primes are known not only by Cisco
routers, but every IKE speaking device on the Internet. The values you
see wouldn't happen to be the same group generators specified in
RFC2409? See Section 6.
Knowledge of these primes does not affect the security of the
exchange. DH is designed with the assumption that everyone, including
potential attackers, knows these values.
What Cisco white papers are you referring to, BTW?
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ |
cjc(at)freebsd.org
Received on Tue Aug 5 12:40:11 2003
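
The point made in the reply above, as an added example (not part of the original post, and not Cisco or IKE implementation code): the Group 1 prime is rebuilt from the public formula in RFC 2409 Section 6.1, and the two sides still agree on a secret that depends only on their private exponents. The function names and the Machin-formula computation of pi are this example's own choices; Group 1 appears only because the thread cites RFC 2409, and a 768-bit modulus is too small for current deployments.

```python
"""Finite-field Diffie-Hellman over RFC 2409 Oakley Group 1 (added example)."""
import secrets

def _arctan_inv(x, scale):
    """Approximate arctan(1/x) * scale with the integer Taylor series."""
    total = term = scale // x
    n, sign = 1, -1
    while term:
        term //= x * x
        n += 2
        total += sign * (term // n)
        sign = -sign
    return total

def oakley_group1_prime():
    """Build the prime from the public formula in RFC 2409 section 6.1:
    2^768 - 2^704 - 1 + 2^64 * (floor(2^638 * pi) + 149686)."""
    guard = 64                                   # extra bits absorb rounding error
    scale = 1 << (638 + guard)
    pi_scaled = 16 * _arctan_inv(5, scale) - 4 * _arctan_inv(239, scale)  # Machin
    return 2**768 - 2**704 - 1 + 2**64 * ((pi_scaled >> guard) + 149686)

P = oakley_group1_prime()   # public: identical on every IKE implementation
G = 2                       # public generator for this group

def dh_keypair():
    """Return (private exponent, public value). Only the exponent is secret."""
    priv = secrets.randbelow(P - 3) + 2          # uniform in [2, P-2]
    return priv, pow(G, priv, P)

def dh_shared(peer_public, priv):
    """Derive the shared secret, rejecting degenerate peer values."""
    if not 1 < peer_public < P - 1:              # 0, 1 and P-1 force a known secret
        raise ValueError("peer public value out of range")
    return pow(peer_public, priv, P)

def exchange():
    """Run both sides; return what crosses the wire and each side's secret."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    on_wire = {"p": P, "g": G, "A": a_pub, "B": b_pub}   # all an observer sees
    return on_wire, dh_shared(b_pub, a_priv), dh_shared(a_pub, b_priv)

if __name__ == "__main__":
    wire, k_a, k_b = exchange()
    print("p =", format(wire["p"], "x"))
    print("secrets match:", k_a == k_b)
```
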