Crypt::DH 0.4

Brad Fitzpatrick brad at danga.com
Tue Jun 7 15:09:51 PDT 2005


Crypt::DH 0.5 on CPAN should address all your concerns:

  http://search.cpan.org/CPAN/authors/id/B/BT/BTROTT/Crypt-DH-0.05.tar.gz

Let me know.

- Brad

On Tue, 7 Jun 2005, Paul Crowley wrote:

> Brad Fitzpatrick wrote:
> > The docs say Upper is an exclusive bound, while Lower is inclusive.
>
> I know, I checked carefully :-)
>
> > So:
> >
> >   makerandom_itv(Strength => 0, Lower => 1, Upper => $dh->{p})
>
> What I had was slightly more correct.  g^(p-1) === 1 (mod p) - so if the
> public key is not to be 1, then the exponent must lie in the range 1 <=
> x < p-1.
>
> However, if subtracting 1 is a problem, don't bother - the probability
> that it'll arise is insanely small.
>
> > The _makerandom fix is easy enough.  Easiest is just making sure the $bits
> > substr used matches /1/ first.
>
> No, that's not the same.  For this application, just measure the size of
> Upper in bits, then produce a number that has this many bits, then
> reject it if it falls outside the specified range and try again.  I
> hadn't noticed that Uniform was thus defined - we don't want to force
> the high bit to be set.  I can't work out whether Crypt::Random's
> "makerandom_itv" does the right thing when Uniform is on or off, since
> that parameter doesn't make sense for that function.
> --
>    __
> \/ o\ Paul Crowley, paul at ciphergoth.org
> /\__/ http://www.ciphergoth.org/
>
>
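The sampling procedure Paul describes above (measure Upper in bits, draw that many bits without forcing the high bit, reject and retry if out of range), as an added Python example that is not part of the original thread and is not Crypt::DH or Crypt::Random code. The function names, the toy prime 23 and the exhaustive-feed helper are assumptions made for illustration; the second sampler shows what forcing the high bit does to the output range.

```python
import secrets
from collections import Counter

def dh_exponent(p, randbits=secrets.randbits):
    """Return x uniform in 1 <= x < p-1 using rejection sampling."""
    upper = p - 1                # exclusive bound: g^(p-1) == 1 (mod p)
    nbits = upper.bit_length()   # "measure the size of Upper in bits"
    while True:
        x = randbits(nbits)      # any nbits-wide value, high bit NOT forced
        if 1 <= x < upper:       # outside the range: throw away and retry
            return x

def dh_exponent_high_bit_forced(p, randbits=secrets.randbits):
    """Same loop, but every candidate has its top bit set (for contrast)."""
    upper = p - 1
    nbits = upper.bit_length()
    while True:
        x = randbits(nbits) | (1 << (nbits - 1))
        if 1 <= x < upper:
            return x

def outputs_over_all_candidates(sampler, p):
    """Feed each possible nbits-wide value exactly once and count results.

    Replaces the random source with a deterministic one so the output
    distribution can be inspected exactly for a small modulus.
    """
    nbits = (p - 1).bit_length()
    feed = iter(range(1 << nbits))
    counts = Counter()
    try:
        while True:
            counts[sampler(p, randbits=lambda n: next(feed))] += 1
    except StopIteration:        # all candidate values consumed
        return counts

if __name__ == "__main__":
    P = 23  # constructed toy prime, far too small for real use
    print("rejection sampling:", sorted(outputs_over_all_candidates(dh_exponent, P).items()))
    print("high bit forced:   ", sorted(outputs_over_all_candidates(dh_exponent_high_bit_forced, P).items()))
```

With the toy prime, rejection sampling returns each of 1..21 exactly once, while the high-bit-forced variant can only ever return 16..21.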

