Paper 2005/231

Fast generators for the Diffie-Hellman key agreement protocol and malicious standards

Boaz Tsaban

Abstract

The Diffie-Hellman key agreement protocol is based on taking large powers of a generator of a prime-order cyclic group. Some generators allow faster exponentiation. We show that to a large extent, using the fast generators is as secure as using a randomly chosen generator. On the other hand, we show that if there is some case in which fast generators are less secure, then this could be used by a malicious authority to generate a standard for the Diffie-Hellman key agreement protocol which has a hidden trapdoor.

Note: We thank Steven Galbraith and Alfred Menezes for their useful comments.

Metadata
Available format(s)
PDF PS
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
Diffie-Hellman key agreement
Contact author(s)
boaz tsaban @ weizmann ac il
History
2005-07-25: last of 3 revisions
2005-07-20: received
See all versions
Short URL
https://ia.cr/2005/231
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2005/231,
      author = {Boaz Tsaban},
      title = {Fast generators for the Diffie-Hellman key agreement protocol and malicious standards},
      howpublished = {Cryptology {ePrint} Archive, Paper 2005/231},
      year = {2005},
      url = {https://eprint.iacr.org/2005/231}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.