[TLS] I can has SHA-1 hashes for RFC 2409/3526 MODP groups?

Peter Gutmann <pgut001@cs.auckland.ac.nz> Fri, 28 February 2014 12:22 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: "<tls@ietf.org>" <tls@ietf.org>, "ietf-ssh@NetBSD.org" <ietf-ssh@NetBSD.org>
Date: Fri, 28 Feb 2014 12:20:47 +0000
Message-ID: <9A043F3CF02CD34C8E74AC1594475C73723848D4@uxcn10-6.UoA.auckland.ac.nz>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/3RW-IUgVaNNwc_7Vg3kCFkjOj6A
Subject: [TLS] I can has SHA-1 hashes for RFC 2409/3526 MODP groups?

The MODP groups for DH specified in RFC 2409 and 3526 seem to be widely used
in things like SSH and SSL/TLS; however, unlike the RFC 5114 groups, there's no
subgroup given and so no way to verify that the prime hasn't been corrupted in
some way (the generator is easy, it's always 2).  OTOH the RFC 5114 groups
have stupid generators so I don't know why anyone would use them.

In any case I'd like to have a means of verifying the validity of the data for
the RFC 2409/3526 primes as stored in memory, but if I generate my own SHA-1
hashes then there's the risk that I'm verifying flawed data.  Does anyone have
SHA-1 hash values for the RFC 2409/3526 primes, i.e. the 1024/1536/2048/etc-
bit values in the two RFCs?  The values I've got are:

RFC 2409, 1024-bit prime: c0 33 bd 43 51 fb a3 73 25 45 ea 2e 01 6d 52 b0 ...
RFC 3526, 1536-bit prime: 49 ec ab a9 72 7a 1a f0 63 60 82 c4 67 48 5a 1a ...
RFC 3526, 2048-bit prime: b9 5c 79 9a a5 dd 38 8c 6d f5 e7 23 98 cb 9d 7d ...
RFC 3526, 3072-bit prime: 94 1a 04 77 38 fe 55 33 33 69 e2 b3 86 b6 d6 18 ...

Peter.
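The following is an added example, not part of Peter's message and not code from any of the RFCs. It shows the two things a verifier of an in-memory MODP prime can actually do: pin a SHA-1 over a canonical big-endian encoding of the prime and compare against it, and, independently of any hash, run the structural checks the RFC 2409/3526 groups satisfy by construction (exact bit length, all-ones top and bottom 64 bits, safe prime p = 2q + 1, generator 2 generating the order-q subgroup). The 1024-bit constant below was transcribed from RFC 2409 section 6.2 and should be compared against the RFC text before being relied on; the message does not say which encoding its posted hash prefixes were computed over, so the script prints the hash for comparison rather than asserting that it matches. The function names are this example's own.

```python
import hashlib
import hmac
import secrets

# Transcribed from RFC 2409 section 6.2 ("Second Oakley Group", 1024 bits).
# Treat this as a constant to be checked against the RFC, not as ground truth.
RFC2409_P_1024 = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
GENERATOR = 2


def encode_prime(p: int, bits: int) -> bytes:
    """Fixed-width big-endian encoding, so the hash input is unambiguous."""
    return p.to_bytes(bits // 8, "big")


def sha1_of_prime(p: int, bits: int) -> str:
    """Hex SHA-1 over the canonical encoding; this is the value one would pin."""
    return hashlib.sha1(encode_prime(p, bits)).hexdigest()


def verify_pinned_hash(p: int, bits: int, pinned_hex: str) -> bool:
    """Compare the stored prime against a hash pinned in trusted source code."""
    return hmac.compare_digest(sha1_of_prime(p, bits), pinned_hex.lower())


def is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin with random bases (fixed bases are fooled by crafted inputs)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)          # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # a is a witness: composite
    return True


def check_modp_group(p: int, bits: int, g: int = GENERATOR) -> list:
    """Hash-independent sanity checks; returns a list of problems (empty = OK)."""
    problems = []
    ones64 = (1 << 64) - 1
    if p.bit_length() != bits:
        problems.append("wrong bit length")
    if (p >> (bits - 64)) != ones64:
        problems.append("top 64 bits are not all ones")
    if (p & ones64) != ones64:
        problems.append("low 64 bits are not all ones")
    if not is_probable_prime(p):
        problems.append("p is not prime")
        return problems
    q = (p - 1) // 2
    if not is_probable_prime(q):
        problems.append("p is not a safe prime (q = (p-1)/2 is composite)")
        return problems
    # For a safe prime, g has order q exactly when g^q == 1 and g != 1.
    if g == 1 or pow(g, q, p) != 1:
        problems.append("generator does not generate the order-q subgroup")
    return problems


if __name__ == "__main__":
    print("RFC 2409 1024-bit prime, SHA-1 of big-endian bytes:",
          sha1_of_prime(RFC2409_P_1024, 1024))
    print("structural problems:", check_modp_group(RFC2409_P_1024, 1024) or "none")
```

In practice the pinned hash is only as trustworthy as the copy of the prime it was generated from, which is exactly Peter's concern; the structural checks give a second, hash-free line of evidence, since a corrupted prime is overwhelmingly unlikely to still be a safe prime with the all-ones padding the RFC construction guarantees.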