Cryptology ePrint Archive: Report 2005/231

Fast generators for the Diffie-Hellman key agreement protocol and malicious standards

Boaz Tsaban

Abstract: The Diffie-Hellman key agreement protocol is based on taking large powers of a generator of a prime-order cyclic group. Some generators allow faster exponentiation. We show that to a large extent, using the fast generators is as secure as using a randomly chosen generator. On the other hand, we show that if there is some case in which fast generators are less secure, then this could be used by a malicious authority to generate a standard for the Diffie-Hellman key agreement protocol which has a hidden trapdoor.

Category / Keywords: public-key cryptography / Diffie-Hellman key agreement

Date: received 18 Jul 2005, last revised 25 Jul 2005

Contact author: boaz tsaban at weizmann ac il

Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: We thank Steven Galbraith and Alfred Menezes for their useful comments.

Version: 20050725:194913 (All versions of this report)

Discussion forum: Show discussion | Start new discussion