Cryptology ePrint Archive: Report 2005/231
Fast generators for the Diffie-Hellman key agreement protocol and malicious standards
Abstract: The Diffie-Hellman key agreement protocol is based on taking
large powers of a generator of a prime-order cyclic group.
Some generators allow faster exponentiation.
We show that to a large extent, using the fast generators is
as secure as using a randomly chosen generator. On the
other hand, we show that if there is some case in which fast generators are
less secure, then this could be used by a malicious
authority to generate a standard for the Diffie-Hellman key agreement protocol
which has a hidden trapdoor.
Category / Keywords: public-key cryptography / Diffie-Hellman key agreement
Date: received 18 Jul 2005, last revised 25 Jul 2005
Contact author: boaz tsaban at weizmann ac il
Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Note: We thank Steven Galbraith and Alfred Menezes for their useful comments.
Version: 20050725:194913 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]