From owner-ietf-openpgp@mail.imc.org  Mon Dec  9 08:03:51 2002
Received: from above.proper.com (mail.proper.com [208.184.76.45])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id IAA07465
	for <openpgp-archive@lists.ietf.org>; Mon, 9 Dec 2002 08:03:50 -0500 (EST)
Received: (from majordomo@localhost)
	by above.proper.com (8.11.6/8.11.3) id gB9CYqp26731
	for ietf-openpgp-bks; Mon, 9 Dec 2002 04:34:52 -0800 (PST)
Received: from mout0.freenet.de (exim@mout0.freenet.de [194.97.50.131])
	by above.proper.com (8.11.6/8.11.3) with ESMTP id gB9CYng26722
	for <ietf-openpgp@imc.org>; Mon, 9 Dec 2002 04:34:49 -0800 (PST)
Received: from [194.97.55.147] (helo=mx4.freenet.de)
	by mout0.freenet.de with asmtp (Exim 4.10)
	id 18LN7T-0003Hq-00
	for ietf-openpgp@imc.org; Mon, 09 Dec 2002 13:34:43 +0100
Received: from a579a.pppool.de ([213.6.87.154] helo=daredevil)
	by mx4.freenet.de with esmtp (Exim 4.10 #1)
	id 18LN7S-0002hK-00
	for ietf-openpgp@imc.org; Mon, 09 Dec 2002 13:34:42 +0100
Received: from twoaday by daredevil with local (Exim 3.35 #1 (Debian))
	id 18LNBi-0000Vu-00
	for <ietf-openpgp@imc.org>; Mon, 09 Dec 2002 13:39:06 +0100
Date: Mon, 9 Dec 2002 13:39:06 +0100
From: Timo Schulz <twoaday@freakmail.de>
To: ietf-openpgp@imc.org
Subject: Diffie-Hellman key agreement
Message-ID: <20021209123906.GA1955@daredevil.joesixpack.net>
Reply-To: twoaday@freakmail.de
Mail-Followup-To: ietf-openpgp@imc.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-PGP-KeyID: BF3DF9B4
X-PGP-Request: finger:twoaday@members.hellug.gr
User-Agent: Mutt/1.5.2i
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>



Hi,

I ask myself whether there are any plans to add the needed details for the
public key algorithm type 21 (Reserved for Diffie-Hellman). IMHO
this algorithm could be useful in some cases to reduce the complexity
of key exchange and public keys in general.

On the other hand, it's a little annoying that you need more than one
step to exchange the final session key. But this could be easily solved
with a variation of the DH algorithm:

  w = secret key which is chosen randomly (w < p)
  p = prime ((prime-1)/2 should also be prime)
  g = primitive generator for p
  y = public key (g^w mod p)

  1. Alice gets the public key of the recipient Bob (p, g, y)
  2. Alice chooses a random x (x < p) and calculates X = g^x mod p
     the session key is: s = y^x mod p
  3. Alice ciphers the message with the session key s and sends Bob
     X and the ciphered message
  4. Bob calculates s = X^w mod p and can decipher the message


Compared to the performance of RSA and ELG it should be faster because
the exponents are not very large (~160 bits) and no multiplicative inverse
is needed. IMHO this algorithm should have the same strength as ELG.


And the integration into the OpenPGP protocol should also be easy:

Tag 1: set pubkey algorithm 21 and wrap X into a PGP MPI.
Tag 6: set pubkey algorithm 21 and store p, g, y (same as for ELG keys).
Tag 5: set pubkey algorithm 21 and store p, g, y, w (same as ELG keys).



        Timo
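
The one-pass exchange in steps 1-4 above and the Tag 1 MPI wrapping of X, as an added example that is not part of the original post or of any OpenPGP implementation. Assumptions: the toy prime, the use of a generator of the prime-order subgroup (instead of the post's primitive generator) so the recipient can check X, the SHA-256 derivation of the key from s, and all function names.

```python
import hashlib
import secrets

# Constructed toy parameters (assumption, not from the post): P = 2*Q + 1 is a
# safe prime. Far too small for real use; it only keeps the numbers readable.
P = 2879
Q = (P - 1) // 2
G = 4  # assumption: 4 = 2^2 is a quadratic residue, so it has prime order Q

def encode_mpi(n: int) -> bytes:
    """OpenPGP MPI: two-octet big-endian bit count, then the big-endian value."""
    return n.bit_length().to_bytes(2, "big") + n.to_bytes((n.bit_length() + 7) // 8, "big")

def decode_mpi(buf: bytes) -> int:
    bits = int.from_bytes(buf[:2], "big")
    body = buf[2:2 + (bits + 7) // 8]
    n = int.from_bytes(body, "big")
    if len(body) != (bits + 7) // 8 or n.bit_length() != bits:
        raise ValueError("malformed MPI")
    return n

def kdf(s: int) -> bytes:
    # Hypothetical key derivation (assumption): the post uses s directly.
    return hashlib.sha256(encode_mpi(s)).digest()

def keygen():
    w = secrets.randbelow(Q - 1) + 1            # secret key, 1 <= w <= Q-1
    return w, pow(G, w, P)                      # (w, y = g^w mod p)

def sender_encapsulate(y: int):
    """Steps 2-3: pick x, return (MPI of X = g^x, key derived from s = y^x)."""
    x = secrets.randbelow(Q - 1) + 1
    return encode_mpi(pow(G, x, P)), kdf(pow(y, x, P))

def recipient_decapsulate(w: int, mpi_x: bytes) -> bytes:
    """Step 4: recover s = X^w, after rejecting degenerate values of X."""
    X = decode_mpi(mpi_x)
    # X in {0, 1, p-1} would force s into a set of at most three known values,
    # whatever w is; the subgroup test also rejects p-1 because Q is odd.
    if not (1 < X < P and pow(X, Q, P) == 1):
        raise ValueError("invalid ephemeral public value")
    return kdf(pow(X, w, P))
```

The recipient-side check matters because X arrives unauthenticated in the Tag 1 packet, while w is a long-term secret reused for every message.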


