
rare-dev - Re: [rare-dev] ecdh vs dh

Subject: Rare project developers

  • From: mc36 <>
  • To: , Cristina Klippel Dominicini <>, Everson Scherrer Borges <>, Gabriel Tetzner <>
  • Subject: Re: [rare-dev] ecdh vs dh
  • Date: Tue, 30 Aug 2022 06:32:43 +0200

hi,

On 8/29/22 17:14, Cristina Klippel Dominicini wrote:
Hi Csaba!

I am happy to hear this :-)

well, and there were other issues, seemingly we had bad math teachers all the
time...
for example my calculus prof repeatedly declared that he hates informatics...
btw maybe not, so that was one of the reasons that i concentrated on
programming...
(at that time there were no specialized telecommunication/programmer)

I sent the e-mail to my friends, but in the meanwhile I am investigating and
found this track:

Section 15.5, page 419
https://shoup.net/ntb/ntb-v2.pdf

"There are two other factoring algorithms not discussed here, but that should
anyway at least be mentioned. The first is the elliptic curve method, introduced
by Lenstra [60]. Unlike all of the other known subexponential-time algorithms, the
running time of this algorithm is sensitive to the sizes of the factors of n; in
particular, if p is the smallest prime dividing n, the algorithm will find p
(heuristically) in expected time
exp[(√2 + o(1))(log p log log p)^(1/2)] · len(n)^O(1).
This algorithm is quite practical, and is the method of choice when it is known
(or suspected) that n has some small factors. It also has the advantage that it
uses only polynomial space (unlike all of the other known subexponential-time
factoring algorithms)."

well, i found the small epsilon (if that's the right terminology?)
surrounding of the mentioned page quite interesting so let's do a quick
experiment:



at a freerouter, i did the following:


sid#
sid#debug proto tls
sid#debug proto ssh
sid#
sid#info servDnsDoer.doer:servDns.java:695 10.10.10.10 queried
name=sid.mchome.nop.hu class=in type=ip4a ttl=-1
info servDnsDoer.doer:servDns.java:695 10.10.10.10 queried
name=sid.mchome.nop.hu class=in type=ip6a ttl=-1
debug secSsh.workerServer:secSsh.java:440 starting
debug packSshInit.exchangeVersion:packSshInit.java:244 remote:
SSH-2.0-OpenSSH_9.0p1 Debian-1+b1
debug packSshInit.kexInitDump:packSshInit.java:479 tx ext=true kex=diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 sng=rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss encCS=aes256-ctr,aes256-cbc,3des-ctr,3des-cbc,blowfish-ctr,blowfish-cbc,rc2-ctr,rc2-cbc,des-ctr,des-cbc encSC=aes256-ctr,aes256-cbc,3des-ctr,3des-cbc,blowfish-ctr,blowfish-cbc,rc2-ctr,rc2-cbc,des-ctr,des-cbc macCS=hmac-sha2-512,hmac-sha2-256,hmac-sha1,hmac-md5 macSC=hmac-sha2-512,hmac-sha2-256,hmac-sha1,hmac-md5 cmpCS=none cmpSC=none frst=false
debug packSsh.packSend:packSsh.java:550 tx type=key exchange size=623
debug packSsh.packRecv:packSsh.java:653 rx type=key exchange size=1494
debug packSshInit.kexInitDump:packSshInit.java:479 rx ext=true kex=diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 sng=rsa-sha2-512,rsa-sha2-256 encCS=aes256-ctr encSC=aes256-ctr macCS=hmac-sha2-256,hmac-sha2-512,hmac-sha1 macSC=hmac-sha2-256,hmac-sha2-512,hmac-sha1 cmpCS=none cmpSC=none frst=false
debug packSshInit.kexInitDump:packSshInit.java:479 final ext=true kex=diffie-hellman-group-exchange-sha256 sng=rsa-sha2-512 encCS=aes256-ctr encSC=aes256-ctr macCS=hmac-sha2-256 macSC=hmac-sha2-256 cmpCS=none cmpSC=none frst=false
debug packSsh.packRecv:packSsh.java:653 rx type=kex request size=12
debug packSshKex.gexReqDump:packSshKex.java:327 rx min=2048 best=8192 max=8192
debug packSshKex.gexGroupDump:packSshKex.java:375 tx group=2 prime=1044388881413152506679602719846529545831269060992135009022588756444338172022322690710444046669809783930111585737890362691860127079270495454517218673016928427459146001866885779762982229321192368303346235204368051010309155674155697460347176946394076535157284994895284821633700921811716738972451834979455897010306333468590751358365138782250372269117968985194322444535687415522007151638638141456178420621277822674995027990278673458629544391736919766299005511505446177668154446234882665961680796576903199116089347634947187778906528008004756692571666922964122566174582776707332452371001272163776841229318324903125740713574141005124561965913888899753461735347970011693256316751660678950830027510255804846105583465055446615090444309583050775808509297040039680057435342253926566240898195863631588888936364129920059308455669454034010391478238784189888594672336242763795138176353222845524644040094258962433613354036104643881925238489224010194193088911666165584229424668165441688927790460608264864204237717002054744337988941974661214699689706521543006262604535890998125752275942608772174376107314217749233048217904944409836238235772306749874396760463376480215133461333478395682746608242585133953883882226786118030184028136755970045385534758453247
debug packSsh.packSend:packSsh.java:550 tx type=kex group size=522
debug packSsh.packRecv:packSsh.java:653 rx type=kex init size=517
debug packSshKex.gexInitDump:packSshKex.java:414 rx e=632655297339415220376256239364916779765570013151096207055195631684830524169937302075248799754324885864819617767956227111182326579371000965583891956533225317044619292976343190144134787454102061049221037961405435140669076209357283717073607755363290142477713104303402721623803765377446448177434020106618260311514670018352948778919272241366262032751628689696541692235144154005241661105516353591378031037894891399915154042193968386427280507536924942909280975793460480709909830792291140329719451022529287114326118824814002631858375806920199611716032583628363051685944126802975226643391339525878326380133324099259668508271562497124760578874963746200342962717146333391328069135396526912588746885660206798792851808398615953663816996482590827952255763205907366309895652725681245501721141394718373554083737342212947708921319948315707358359706127147677549239981870752924766413046564124777786898028396738645152717874004540513682340009788084991742955547965468405533906215360978720249773694271047520548301250345599783126287646759782584166596524179675947142652316477656473567200766542315788565208003828215460690924240060955237424545903093350900944994706729860480993691681361334913638420076397591639334591283940557675853358400732175973522530001087717
debug packSshKex.hashCalc:packSshKex.java:167 hash= da 44 be ea 14 75 b6 56 85 ad d5 77 55 60 6b 7b df 75 3a 8e a9 4c ec 04 34 8b c3 a7 90 ee 01 c2 k=754124670962675456472372857221957192909985981881566657293207942994213096516280487590102304279647460710869712935660078393199724598267263873942399645731020865639541868462803020259485284229966622280699491125400400622254626853140662138092311564472885316109498926981130442724408886394300593236880117775941260639678636029862864352655777114282110943254578600968264275201867182226334297742679954420201158596315218094490486424820399962802918243321305110844952407983058332545572463616758182120471075129323358175406458835994476848344542226080303436069334773819153067463464345656599530658753717310777046224764348386639154890831431429416398574389063760047264963024259048650678990150151932248091721365678473677986645449688682540668192590694873863443354054900917761207438964748442450847285486102165508120146729831014244148802856788955295051227810336682654267535468487519417500119057210490219534950602628683128888709075650139746560806920995471813651691918678098441017677295383253328508398970114355485771965391788833729726969882684145367233935606223759073369706340985335402065392823536179712073517575696785566969908181579040342288822447144339303471692455764297530622167018352291207493835457464297849930330191849136246572919915483170012052523951276493 ivCS= f8 a7 94 60 2c b5 6e 57 49 c0 a4 b4 7b c9 eb 0b 1e 7f 34 52 94 8b 5b 39 0e 36 d1 92 13 63 0d c8 9d b0 d9 0f a0 10 d7 96 7c cf 5a c9 c8 f5 a2 55 09 ac f8 3b fe 07 30 7b 5f 25 53 bc 64 c4 54 23 bc 09 37 b8 91 c3 03 96 bb 78 1b aa 28 9a 94 09 5a e2 96 ca c8 69 83 c8 db ad f8 bc 94 5a 01 66 0f 8b 07 e0 c4 96 d1 e8 3a 90 63 db 33 72 21 16 4f c0 a9 3a fd fe 86 f0 69 21 cb cf 31 97 d5 6c ivSC= ee 64 66 a0 c0 99 76 10 96 b7 e8 0f e5 cb 7a 5c 05 a4 ff 53 05 48 6d 25 87 44 9e 0b 49 c7 98 84 1a 2e 87 85 72 09 1b 18 17 c3 54 8e ff 65 20 b5 9a 23 5e 98 03 49 32 b9 1b cc 80 6c ce 83 23 84 ab 28 fa b3 e8 bf a3 b5 d3 
c8 bd b0 44 9b b2 44 0a 3b 60 a9 16 35 a0 bf 98 2b 90 b6 21 2a 6d 97 4a e0 62 f7 01 d9 71 58 e3 2c 67 07 c2 6b f5 99 1c 48 2f e8 e2 14 63 64 19 17 0a 15 5b 69 ea 0e encCS= 28 43 cf 2d 49 98 0d b9 e5 73 fb 76 ae 9c 39 00 cb 3c b2 fb f6 34 8c 77 da 38 50 f4 21 d8 7b 6b 50 20 54 1a 10 6f 1d 3a e9 b9 05 79 32 e6 dc 71 e7 8f 07 54 80 30 c1 bf 3a b2 4b 21 95 8f 64 15 73 a9 03 2c 4a d1 32 4a a5 ad 73 1b 1e 14 11 70 62 42 81 0c a7 94 1d 1b 04 76 cb 53 18 f9 26 82 5b 11 98 72 d9 f0 16 b3 f1 56 dd 36 43 f9 71 6d 57 59 e9 d0 90 f6 ae 2f dc a4 c2 82 45 8c d5 27 encSC= 9b a5 30 a0 24 bd bd 4f b2 0e f7 cf ac 53 68 99 b8 83 13 c5 8c a8 60 9b 91 e9 ed 73 5a dd 9b 94 1d 85 d5 ec cd d3 ad ab d9 64 a2 5f cf ab d6 70 e6 4c b4 21 32 80 6a 51 40 07 0b 1e 11 79 09 d0 99 ae ee 0f 28 c0 30 29 63 fb 28 35 f7 20 37 7b 90 db 33 d1 ce dd 42 41 b3 8e 3c ee d6 73 cb ec 99 74 0c d8 0c b8 69 c2 b7 c1 64 05 4d 3e f2 14 5f 31 22 b7 7c 06 1a e9 d2 17 80 0f 9a 6a ae dd macCS= 99 b8 53 80 1a 2a 07 f0 b6 65 fc 6e 82 48 03 79 42 7b c8 23 5a 40 b5 88 15 97 a0 99 be c1 1a 1f 49 bf 36 25 fb 00 aa 0d 48 b5 56 1a 64 8d bd cf 57 ab 94 85 66 ac ac e8 7e 04 8c f6 de 99 37 e5 4e 74 6a dd 48 7e 3f e0 b3 56 06 ef c0 32 a0 40 bc d0 40 b4 ad 08 b3 a0 63 a0 ad c9 16 60 f7 93 b2 7b 09 f4 97 20 6c c4 0d 8c d5 47 0c 9e 75 d0 7a 5a 23 82 4b ad 00 fe cb 10 e0 dd 45 13 8c ac macSC= 15 3d d1 be 17 a9 2e a9 cf c5 5d ce 08 18 35 a9 02 3f 84 08 16 4f a9 1f e0 bb fe 20 4f 0e 93 44 a8 7e e5 8f 81 07 b7 41 75 43 bb c9 ad 8b b7 28 62 68 62 30 e9 8e cd 6e f0 94 f2 0f a5 78 8a e0 d8 97 c3 bd 98 e9 fd 46 82 62 26 65 08 de 9e 67 c6 ca 84 46 ea 3c 26 57 ad b0 12 87 b7 c0 6a 0c 8a 45 63 e9 9e 33 b4 e0 e5 a7 a9 b7 06 e6 da ac 82 d0 d5 f7 d3 14 25 d1 56 1f 3d a2 56 4f 78 1c
debug packSshKex.gexReplyDump:packSshKex.java:462 tx f=1020326475561055968524690342826931056334978097040624421508026925507161212219483353424849705644351936279365404485130568938747302498202822203701429375401963185723329801124219837283864860931373668471949374622612438618408161863769312888607658753382380302768964744180227891136175207527993753741760915823017724212006865242926391415087737418415183736564808189064251172940757998050248506323646430989466844086238483001218213729982683664430478792027622746508463970343478181066628370969463951500535144422120565897850731832455903055509593247825375499487398824260917410659928058040508274567878189552338830443021804796968143954235292006409558949869396662989025172720279423767306019043292899313141982455516860705847403943106115935108690774479395699193299246933867690841675158888104103253624473042858775716722496126694489961263415031339111510104900811512614173343905198722141340928717915181596838210391818524109280274204245701051623097122076380967598411419396718556616405028444090911694595160459449227664736206461817684828865782594594805347768008749506642472488007132602455441526171152962175473226648432686028046591780085375724858310758800271493037795083924299988986056663779216312069577212212076527914666744067711004441198075103966424495308724926980 sign= 00 00 00 0c 72 73 61 2d 73 68 61 32 2d 35 31 32 00 00 00 80 60 60 5c 2f 69 5a 26 ed 60 24 03 8a a9 6b d7 d3 e0 7c 7b 00 97 a0 2e 10 ce cf 0b 51 ca 32 27 bb 60 b7 ed e4 4a c5 5d b0 28 a1 93 da ba e5 ee 0d df 1e f8 d5 ed cc c7 37 fa ad 5c 79 e9 1f 80 cc e9 6a 78 7f 77 73 e0 28 e0 cb c9 7c 56 98 e1 26 42 f7 36 8f 70 20 e5 ef 15 7e 26 1b de 9e 1b 98 29 89 a7 fb 9f 74 fa 80 ad f1 3c e8 82 da 0c 68 0e b2 4b ad 8a 10 bb 98 f1 4b 26 e1 10 f0 31 03 cert= 00 00 00 07 73 73 68 2d 72 73 61 00 00 00 03 01 00 01 00 00 00 81 00 81 d8 b3 56 68 4d ca ca af 0f 17 87 79 47 13 23 19 c6 c8 0f ae fc 7e 47 f5 65 09 60 1e 62 ca d6 e8 69 84 61 6a e6 82 b7 72 cc a3 9b 8f e9 56 b8 a6 00 03 d1 72 f2 7f 47 ec 7c 0b 80 25 
03 d3 9a e8 72 e0 0b 40 68 bc 18 ac 2a 10 85 41 66 c2 22 3b ea 96 4e 8d f8 50 f4 fb 3f da e5 ce c3 bb 94 4d 4f 26 cf ca 0a f1 ec 26 11 80 9c fb 49 e5 27 6d 98 42 73 08 71 0b 6f 35 6a 6b 00 3a 1c 9d c1
debug packSsh.packSend:packSsh.java:550 tx type=kex reply size=824
debug packSsh.packSend:packSsh.java:550 tx type=new keys size=0
debug packSsh.packRecv:packSsh.java:653 rx type=new keys size=0
debug packSsh.packSend:packSsh.java:550 tx type=extensions info size=68
debug packSsh.packRecv:packSsh.java:653 rx type=service request size=16
debug packSshAuth.servReqDump:packSshAuth.java:112 rx service=ssh-userauth
debug packSshAuth.servReqDump:packSshAuth.java:112 tx service=ssh-userauth
debug packSsh.packSend:packSsh.java:550 tx type=service accept size=16
debug packSsh.packRecv:packSsh.java:653 rx type=auth request size=34
debug packSshAuth.authReqDump:packSshAuth.java:213 rx service=ssh-connection
user=mc36 method=none password= blob=n/a sign=n/a
debug packSsh.packSend:packSsh.java:550 tx type=auth failure size=23
debug packSsh.packRecv:packSsh.java:653 rx type=auth request size=595
debug packSshAuth.authReqDump:packSshAuth.java:213 rx service=ssh-connection user=mc36 method=publickey password=rsa-sha2-512 blob= 00 00 00 07 73 73 68 2d 72 73 61 00 00 00 03 01 00 01 00 00 02 01 00 aa 1d 37 a5 0a 94 8b 55 56 b7 54 7a 23 ca 10 62 f4 57 61 54 d4 46 42 0e 21 a5 c0 06 58 3d da 8e 72 fd 6d e5 b2 f4 08 99 ad 85 0f 20 79 74 f2 70 50 f6 b9 6b 70 a6 a0 8b 5c bd a2 4e ca 30 62 fa 6b 13 41 63 60 00 3e 8a 67 94 c2 10 cf 92 ee eb dd d1 2d e6 e0 28 e5 0f 0e c8 ab f5 dd 7b 3a 9a 47 87 1b ff f6 4f db 22 91 3d f6 df b2 c6 f4 b1 06 a7 8f 34 2d 63 3d 5a 92 89 30 33 53 5d e1 eb 6d 45 9b aa 0b 12 35 d2 56 34 64 3e 88 20 1b 0c 49 03 66 b9 52 51 36 09 a0 ee c5 d6 b6 88 fd 14 97 14 8b c0 db 33 b9 bd d7 06 f6 5a bf 49 60 f7 c5 f3 87 71 8f 0e 20 01 fb e4 ac 8c 50 b7 78 92 fe e5 22 f8 42 17 22 01 c4 87 8d 96 aa c6 9e e0 30 d8 a8 96 95 8e f3 ec 74 b1 f5 dd 6c 8d 35 bc 2a 76 87 9d 19 d8 e3 9b 3d a8 25 38 70 59 63 0a 21 4a d2 c1 00 4c eb a9 59 51 0e 73 ed 33 33 50 23 5c ce 7e f6 67 c3 e5 99 53 b7 f7 af eb da fa 9d a1 f1 4d fb 84 23 71 7a 7c 9e 18 7a 81 a1 5e 3d 1f c6 6e 21 5a 2c 2f 3e 77 3a 58 96 f0 fe af 7c 09 25 c8 08 13 98 49 30 cb a0 92 69 10 2a 20 18 07 26 b9 e9 c2 8e 0e 4a 32 4e 1a b8 20 26 6c c4 f9 a8 29 8c d3 f0 18 1f 17 36 3b 71 18 85 15 fb 96 b7 a5 79 50 a6 e9 56 54 f6 b5 98 3c 44 3b d9 d1 c9 0a 6f 1d d6 d4 19 35 b3 36 63 b2 a2 98 96 9d 47 92 ba 72 10 29 90 84 78 3e 0b bb 83 50 24 75 58 07 b9 26 ec ba 68 f6 65 bf 40 be dd 1d ac 11 4b 73 f4 3f be e4 ec 92 3e c6 e4 af c8 60 3d a5 d8 de de d0 88 ae 38 e2 56 e4 8f 0c 87 40 08 96 b5 34 17 07 1c eb 3c c4 ec a2 0e f1 fd a6 7d 29 5c f2 70 4e 5e 8e 9a 1b ba cd c6 27 40 76 9f de ce ff e3 88 04 45 a1 98 cb 1f 62 78 67 b3 21 f8 72 65 9c dc d9 9f 53 ba a2 54 f5 d5 99 a1 sign=n/a
debug packSsh.packSend:packSsh.java:550 tx type=auth failure size=23
debug packSsh.packRecv:packSsh.java:653 rx type=auth request size=467
debug packSshAuth.authReqDump:packSshAuth.java:213 rx service=ssh-connection user=mc36 method=publickey password=rsa-sha2-512 blob= 00 00 00 07 73 73 68 2d 72 73 61 00 00 00 03 01 00 01 00 00 01 81 00 9a 0b 89 37 40 03 c7 27 80 26 11 d2 55 68 c8 aa 75 a3 d0 4a ca b9 01 6f a5 71 78 d2 ca 89 d9 2b 4f 17 15 e9 77 66 b3 7d 06 ab df d5 bb 14 73 74 03 34 25 64 9c 8d 22 dc 98 18 ee d3 d0 89 34 6e 8b 5a 7a 78 3c 6f a3 e8 2d 17 de 9d e0 ca 93 cd fd 0c 22 94 fb 59 da 99 60 8d ba 3b 08 e2 9f 53 82 11 3d 3a 1c d5 c5 d1 52 9f e7 73 3a eb a4 06 e2 48 1d 12 83 9c 90 47 d8 ae 8c ed 9f 2d 52 ab c5 cb c0 c4 06 cd bb 4e 0a 1e 4c 18 5a 19 f3 67 84 20 df df 4f 91 37 ed 17 9b 18 78 e0 30 fc bf 09 9b 03 7b 2b 25 02 af 34 86 30 c2 18 9a 21 94 90 84 13 8a 23 69 12 f6 81 f8 65 e6 eb 73 9f 6d fe 59 72 cf 91 47 db cf e9 8d c7 12 63 4e f0 77 62 72 ca 7a bd 83 3d ee 9c 56 f9 5f 2c f0 87 00 23 1a b0 03 c5 a0 32 f8 a1 fd 7f 17 a0 5b 63 32 b8 4b 4b 3f 05 0a b4 c8 da 46 40 47 a4 59 4d 84 bf 00 84 46 ae 54 d3 a0 fc ba 0a cd f5 72 66 3d 3b 2f 34 f0 d0 90 c4 52 6a e1 e4 e3 8b 2d 7c 7a f4 c0 1b 71 4f d4 08 d5 20 86 1b e9 02 db 8b 72 4a 3d 00 76 ef d7 e2 fe 2a 8e 4e dd ea 8c 4f 32 f9 6a 16 e0 77 fe f9 75 f5 94 1a a9 dd 45 9f 4f e7 df f3 04 df 45 ba 45 5e 32 bf 37 ce c2 90 b8 3f c5 54 0f aa 32 67 89 e1 cc 5b c1 22 ff 64 c5 fe c9 a8 d7 76 fc cf 39 bb c6 48 02 e0 c5 0c ad sign=n/a
debug packSshAuth.authPkeyDump:packSshAuth.java:246 tx method=rsa-sha2-512 blob= 00 00 00 07 73 73 68 2d 72 73 61 00 00 00 03 01 00 01 00 00 01 81 00 9a 0b 89 37 40 03 c7 27 80 26 11 d2 55 68 c8 aa 75 a3 d0 4a ca b9 01 6f a5 71 78 d2 ca 89 d9 2b 4f 17 15 e9 77 66 b3 7d 06 ab df d5 bb 14 73 74 03 34 25 64 9c 8d 22 dc 98 18 ee d3 d0 89 34 6e 8b 5a 7a 78 3c 6f a3 e8 2d 17 de 9d e0 ca 93 cd fd 0c 22 94 fb 59 da 99 60 8d ba 3b 08 e2 9f 53 82 11 3d 3a 1c d5 c5 d1 52 9f e7 73 3a eb a4 06 e2 48 1d 12 83 9c 90 47 d8 ae 8c ed 9f 2d 52 ab c5 cb c0 c4 06 cd bb 4e 0a 1e 4c 18 5a 19 f3 67 84 20 df df 4f 91 37 ed 17 9b 18 78 e0 30 fc bf 09 9b 03 7b 2b 25 02 af 34 86 30 c2 18 9a 21 94 90 84 13 8a 23 69 12 f6 81 f8 65 e6 eb 73 9f 6d fe 59 72 cf 91 47 db cf e9 8d c7 12 63 4e f0 77 62 72 ca 7a bd 83 3d ee 9c 56 f9 5f 2c f0 87 00 23 1a b0 03 c5 a0 32 f8 a1 fd 7f 17 a0 5b 63 32 b8 4b 4b 3f 05 0a b4 c8 da 46 40 47 a4 59 4d 84 bf 00 84 46 ae 54 d3 a0 fc ba 0a cd f5 72 66 3d 3b 2f 34 f0 d0 90 c4 52 6a e1 e4 e3 8b 2d 7c 7a f4 c0 1b 71 4f d4 08 d5 20 86 1b e9 02 db 8b 72 4a 3d 00 76 ef d7 e2 fe 2a 8e 4e dd ea 8c 4f 32 f9 6a 16 e0 77 fe f9 75 f5 94 1a a9 dd 45 9f 4f e7 df f3 04 df 45 ba 45 5e 32 bf 37 ce c2 90 b8 3f c5 54 0f aa 32 67 89 e1 cc 5b c1 22 ff 64 c5 fe c9 a8 d7 76 fc cf 39 bb c6 48 02 e0 c5 0c ad
debug packSsh.packSend:packSsh.java:550 tx type=auth pubkey size=427
debug packSsh.packRecv:packSsh.java:653 rx type=auth request size=875
debug packSshAuth.authReqDump:packSshAuth.java:213 rx service=ssh-connection user=mc36 method=publickey password=rsa-sha2-512 blob= 00 00 00 07 73 73 68 2d 72 73 61 00 00 00 03 01 00 01 00 00 01 81 00 9a 0b 89 37 40 03 c7 27 80 26 11 d2 55 68 c8 aa 75 a3 d0 4a ca b9 01 6f a5 71 78 d2 ca 89 d9 2b 4f 17 15 e9 77 66 b3 7d 06 ab df d5 bb 14 73 74 03 34 25 64 9c 8d 22 dc 98 18 ee d3 d0 89 34 6e 8b 5a 7a 78 3c 6f a3 e8 2d 17 de 9d e0 ca 93 cd fd 0c 22 94 fb 59 da 99 60 8d ba 3b 08 e2 9f 53 82 11 3d 3a 1c d5 c5 d1 52 9f e7 73 3a eb a4 06 e2 48 1d 12 83 9c 90 47 d8 ae 8c ed 9f 2d 52 ab c5 cb c0 c4 06 cd bb 4e 0a 1e 4c 18 5a 19 f3 67 84 20 df df 4f 91 37 ed 17 9b 18 78 e0 30 fc bf 09 9b 03 7b 2b 25 02 af 34 86 30 c2 18 9a 21 94 90 84 13 8a 23 69 12 f6 81 f8 65 e6 eb 73 9f 6d fe 59 72 cf 91 47 db cf e9 8d c7 12 63 4e f0 77 62 72 ca 7a bd 83 3d ee 9c 56 f9 5f 2c f0 87 00 23 1a b0 03 c5 a0 32 f8 a1 fd 7f 17 a0 5b 63 32 b8 4b 4b 3f 05 0a b4 c8 da 46 40 47 a4 59 4d 84 bf 00 84 46 ae 54 d3 a0 fc ba 0a cd f5 72 66 3d 3b 2f 34 f0 d0 90 c4 52 6a e1 e4 e3 8b 2d 7c 7a f4 c0 1b 71 4f d4 08 d5 20 86 1b e9 02 db 8b 72 4a 3d 00 76 ef d7 e2 fe 2a 8e 4e dd ea 8c 4f 32 f9 6a 16 e0 77 fe f9 75 f5 94 1a a9 dd 45 9f 4f e7 df f3 04 df 45 ba 45 5e 32 bf 37 ce c2 90 b8 3f c5 54 0f aa 32 67 89 e1 cc 5b c1 22 ff 64 c5 fe c9 a8 d7 76 fc cf 39 bb c6 48 02 e0 c5 0c ad sign= 00 00 00 0c 72 73 61 2d 73 68 61 32 2d 35 31 32 00 00 01 80 0a e9 59 14 ee 59 cd 60 62 ee be 6c 97 16 28 a3 de 9b dd fe 61 88 52 43 56 41 2b 34 93 e1 eb 54 e2 1a 8a 53 60 77 ae 36 3d 84 ae 73 54 5c b2 a1 fc d2 dc 7a d5 a4 44 78 17 05 ce 23 3c 41 6a 45 2f bb c1 47 03 90 ce 6b b2 9c 0d 0a a1 ce 4b 5a a8 a1 ba 26 26 1c 7e ea 30 2c 42 47 27 27 fd e7 39 4b d5 93 99 87 9a 0a 3b 75 8f 7e 41 08 c9 35 76 3a da b4 95 c0 42 51 62 9b fa ce 57 fc 76 be db 1e f9 22 3d 11 92 51 e6 fc 16 63 b4 b6 ae 21 73 44 40 e5 c7 89 55 46 c5 3c 70 03 68 ed eb d6 30 e1 52 17 2a f0 bc c3 8c f8 0f 95 e9 de be f4 fa 8b af 9e 6c b1 b4 ca 80 8a d3 a9 34 f0 2d c2 0d 
b4 cc 13 c6 6e 75 ae 7c 00 2c f9 af ba 28 11 7d 5a 88 54 4a f7 ff 6b 9b d3 82 d1 47 8d 4f f4 19 05 48 7c c1 f1 ae f0 fa 51 98 60 48 ff bd fa 06 1d fd 31 8a 69 53 9e 34 14 8b fd 89 e2 6a e8 7b 80 d8 48 c3 89 df 86 06 04 b6 2e f6 63 60 ec 18 90 ff 98 4f a7 d2 cd b3 80 8a a9 e1 68 37 36 3f 1e 4f 27 80 bb 6f f8 58 57 6c a2 4f c2 76 94 7c a5 e7 9a 96 73 10 e7 98 a1 3e 83 40 c3 96 f2 0a 44 ce af fe 2f 2e c1 fe 84 1d 2e fc 7c 22 63 25 a3 d2 65 2e ba 91 55 d7 63 44 b9 bc 61 93 23 d0 66 4a 1c 1d bd b0 fc a3 d1 9f 29 82 51 01 4d ae 82 35 5d ef 37 8b 97 b7 42 f3 3f 09 42 d4 99
debug packSsh.packSend:packSsh.java:550 tx type=auth success size=0
debug packSsh.packRecv:packSsh.java:653 rx type=channel open size=23
debug packSshChan.chanOpenDump:packSshChan.java:141 rx type=session chan=0/0
win=1048576 pack=16384
debug packSshChan.chanOpenDump:packSshChan.java:141 tx type=session
chan=0/699028535 win=2147483647 pack=1024
debug packSsh.packSend:packSsh.java:550 tx type=channel confirmation size=16
debug packSsh.packRecv:packSsh.java:653 rx type=channel request size=315
debug packSshChan.chanReqDump:packSshChan.java:275 rx type=pty-req
chan=699028535 reply=true
debug packSsh.packSend:packSsh.java:550 tx type=channel success size=4
debug packSsh.packRecv:packSsh.java:653 rx type=channel request size=35
debug packSshChan.chanReqDump:packSshChan.java:275 rx type=env chan=699028535
reply=false
debug packSsh.packRecv:packSsh.java:653 rx type=channel request size=14
debug packSshChan.chanReqDump:packSshChan.java:275 rx type=shell
chan=699028535 reply=true
debug packSsh.packSend:packSsh.java:550 tx type=channel success size=4
info userLineHandler.doExec:userLine.java:782 mc36 logged in from telnet
loopback0 22 -> 2001:db8:8319::200:11ff:fe11:2222 46714
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=765
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=10
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=153
debug packSsh.packRecv:packSsh.java:653 rx type=channel data size=9
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=43
debug packSsh.packRecv:packSsh.java:653 rx type=channel data size=9
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=16
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=37
debug packSsh.packRecv:packSsh.java:653 rx type=channel data size=9
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=47
debug packSsh.packRecv:packSsh.java:653 rx type=channel data size=9
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=19
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=38
debug packSsh.packRecv:packSsh.java:653 rx type=channel data size=9
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=10
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=159
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=33
info userLineHandler.doExec:userLine.java:864 mc36 logged out from telnet
loopback0 22 -> 2001:db8:8319::200:11ff:fe11:2222 46714
debug packSsh.packSend:packSsh.java:550 tx type=channel data size=23
debug secSshTx.run:secSsh.java:776 tx stopped
debug secSshRx.run:secSsh.java:753 rx stopped
debug secSsh.run:secSsh.java:194 main stopped
info prtTcp.connectionRcvd:prtTcp.java:905 got future acknowledge number telnet
loopback0 22 -> 2001:db8:8319::200:11ff:fe11:2222 46714
info prtTcp.connectionRcvd:prtTcp.java:962 got data while not open telnet
loopback0 22 -> 2001:db8:8319::200:11ff:fe11:2222 46714
info prtTcp.connectionRcvd:prtTcp.java:905 got future acknowledge number telnet
loopback0 22 -> 2001:db8:8319::200:11ff:fe11:2222 46714
info ipHostWatch.doWork:ipHostWatch.java:97 new host appeared
2001:db8:1123::1 0022.2353.0573
info ipHostWatch.doWork:ipHostWatch.java:97 new host appeared 10.1.123.254
0022.2353.0573
info userTest.doer:userTest.java:423 someone from 10.1.123.254 hit the script
info userTest.doer:userTest.java:423 someone from 2001:db8:1123::1 hit the
script
info ipHostWatch.doWork:ipHostWatch.java:97 new host appeared
fe80::222:23ff:fe53:573 0022.2353.0573
info userTest.doer:userTest.java:423 someone from fe80::222:23ff:fe53:573 hit
the script



it "accidentally" dumps everything... (openssl nor openssh don't print these
for a reason)
(but it helps me a lot having both stacks up to date....)
the crypto values are in hex, the math parts are base 10 (is that the right
terminology?)...
"accidentally" it prints the local secret value input to the dh....


now please concentrate on the math part, and don't put too much effort into
deciphering my code,
briefly read the rfcs, the variable names like g, p, etc, should match...
obviously i cannot print a nor b because what's displayed above is just one
side of the communication...
here i was alice, and i obviously have nothing about bob...





finally to have the experiment locally, on a linux machine i did the
following:

mc36@noti:~$ ssh sid
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX XXXXX XXX XXX XXX XX XX XXXX XXXXXXXXXXXXXXXXXX
XXXX XXXX XX XXXX XX XXXX XX XX XX XXXX XXXXXXX/~~~~\XXXXX
XXXX X XXX XX XXXX XX XXXX XX XX XX XXXX XXXXXX| demo |XXXX
XXXX XX XX XX XXXX XX XXX XX XXXX XXXXXXX\____/XXXXX
XXXX XXX X XX XXXX XX XXXXXXX XX XX XXXX XXXXXXXXXXXXXXXXXX
XXXX XXXX XX XXXX XX XXXXXXX XX XX XXXX XXXXXXXXXXXXXXXXXX
XXXX XXXXX XXX XXX XXX XXX XX XXX XXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
welcome
line ready
before:<nobody> from console at 2022-08-30 05:52:21.371
sid#


you can do the same with "openssl s_client" command and that connects with
tls1.3 and should pick an ecdh....


you can reproduce it between two freerouters, then you'll see both a and b
clearly for both dh and ecdh....
cc-ing everson and gabriel, imho they'll help you have this on your notebook
in 10 minutes.... :)

as i saw your capability to do tricky mathy programs in both python and java
(or anything *), please write down the algorithm described in the book!

*: proverb here: music-music zaka-zaka (zaka is not in dictionary) and the
same stands for programming languages, right?



but back to the $subject$ let's see clearly which one is better... ecdh or
dh....

and please note that on the ecdh part we're using a good curve but with dh it
picked a 2k group...
the algorithm is not much slower if it picked an 8k one... i just recently had
to limit it

https://github.com/rare-freertr/freeRtr/blob/master/src/net/freertr/cfg/cfgAll.java#L740
if you start git blaming this, you'll see that it happened recently when i
gave a chance to tabby...
it had other issues, but this one finally gave me enough motivation to write
a tui menu (*) in freerouter in a day...

*: i use it as a connection manager and get rid of securecrt but it should
be generic enough to use for anything:
i named it menu tui because it's a collection of aliases in a text user
interface with quick find feature:
you just type and it displays only the remaining entries...


so clearly speaking, pick java because it'll optimize out the unused math
tricks if you warm up the jvm properly:
do the break code like this:
try break a very small 1k prime
then give it another, 2k prime
then try with the final one, repeat this 10 times and ignore the first 5
runs...

if you pick python or the above mentioned javascript based one, these won't
help you that much imho...

thanks,
cs


















Best regards,
Cristina

________________________________________
From: mc36 <>
Sent: Monday, 29 August 2022 11:12
To: ; Cristina Klippel Dominicini
Subject: Re: [rare-dev] ecdh vs dh

ps: thanks for the math pdf you sent me a year ago or so...
we learnt math in hungarian so it really helped me a lot!

On 8/29/22 16:06, mc36 wrote:
thanks for confirming the reception of the mail...
and thanks for taking care of the question...
please take your time, it has a good chance that
i'm not right so don't put too much effort into it,
just if it really catches an interest somewhere....
thanks,
cs



On 8/29/22 16:01, Cristina Klippel Dominicini wrote:
Hi Csaba!

Sorry for the delay. For some reason, I am not receiving all the threads from
the rare list, and my mail server also blocked some messages. I will check
the archives.

Interesting question! I am honored by your mention as a skilled
mathematician, but I am more of a computer engineer trying to understand and
apply the math concepts to computing
problems :-D But I have some very skilled mathematician friends that help me
when I have some doubts. I will check with them if they have any insights
about your question and get
back to you soon :-)

Best regards,
Cristina

________________________________________
From: <> on behalf of
mc36 <>
Sent: Friday, 26 August 2022 06:45
To: Cristina Klippel Dominicini
Cc:
Subject: [rare-dev] ecdh vs dh

hi,

can i ask you to help me solve a long lived question of mine please:
(i ask you because you're the only well skilled mathematician i know)
(if it's outside of your interest, please forward it to someone)

which is harder to find out both a and b:

( (g^a)^b) % p == ( (g^b)^a) % p
where g is 2 or 5, p is an 8192 bit prime, both well known, a and b are both
secrets
here we are talking about positive integers

or

a*b == b*a
here the computation is performed over 448bit elliptic curves


my reasoning is that reversing the multiplication should be easier than
solving the discrete logarithm problem

i see that it is an apples to oranges kind of question so a weak conjecture
is much more than enough

thanks,
cs



________________________________

This message (including attachments) contains confidential information
intended for a specific user and its content is protected by law. If you are
not the correct recipient you must delete this message.

The sender of this message is responsible for its content and addressing.
It is up to the recipient to ensure it is handled appropriately. Disclosure,
reproduction and/or distribution without proper authorization, or any other
action not in conformity with the internal rules of Ifes, are prohibited and
subject to disciplinary, civil and criminal sanction.
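
The mail above notes that the debug output prints the shared secret and the derived keys next to the public group-exchange numbers. The following is an added example, not part of the original mail and not freeRtr code: it parses log lines of the shape shown above, validates the public numbers (modulus size against the requested min..max, e and f in range) and redacts the secret fields before such a log is shared. Assumptions: `group=` is the generator g, every record starts with `debug ` or `info `, and all numbers in the sample are constructed stand-ins.

```python
import re

# key=value fields as the debug lines print them; a value runs to the next " key=".
FIELD = re.compile(r"(\w+)=(.*?)(?=\s\w+=|$)")
# Shared secret k, the exchange hash, and the IV/cipher/MAC keys derived from them.
SECRET_KEYS = {"k", "hash", "ivCS", "ivSC", "encCS", "encSC", "macCS", "macSC"}
INT_KEYS = {"min", "best", "max", "group", "prime", "e", "f"}


def records(log):
    """Join wrapped continuation lines onto the record they belong to.

    Assumption: every record starts with "debug " or "info ".
    """
    out = []
    for line in log.splitlines():
        line = line.strip()
        if line.startswith(("debug ", "info ")) or not out:
            out.append(line)
        elif line:
            out[-1] += " " + line
    return out


def redact(record):
    """Replace the value of every non-empty secret field in one record."""
    def repl(m):
        if m.group(1) in SECRET_KEYS and m.group(2).strip():
            return m.group(1) + "=<redacted>"
        return m.group(0)
    return FIELD.sub(repl, record)


def scrub(log):
    """Return the whole log, unwrapped, with secret fields redacted."""
    return "\n".join(redact(r) for r in records(log))


def audit(log):
    """Validate the group-exchange numbers and report secret fields in the log."""
    vals, leaked, findings = {}, set(), []
    for rec in records(log):
        for m in FIELD.finditer(rec):
            key, val = m.group(1), m.group(2).strip()
            if key in SECRET_KEYS and val:
                leaked.add(key)
            elif key in INT_KEYS and val.isdigit():
                vals[key] = int(val)
    p = vals.get("prime", 0)
    bits = p.bit_length()
    if p:
        lo, hi = vals.get("min", 0), vals.get("max", bits)
        if not lo <= bits <= hi:
            findings.append(f"modulus is {bits} bits, outside requested {lo}..{hi}")
        if bits < 2048:
            findings.append(f"modulus is {bits} bits, below 2048 (RFC 8270 minimum)")
        # RFC 4253 rejects e, f outside [1, p-1]; 1 and p-1 are rejected here too,
        # because they force the shared secret to 1 or p-1.
        for name in ("e", "f"):
            if name in vals and not 1 < vals[name] < p - 1:
                findings.append(f"{name} is outside 2..p-2")
    if leaked:
        findings.append("secret fields present: " + ", ".join(sorted(leaked)))
    return {"bits": bits, "g": vals.get("group"), "findings": findings}


def sample_log(e):
    """Constructed log shaped like the session above; every value is a stand-in."""
    p = 2**2203 - 1  # chosen for its size only, not a vetted DH group
    pre = "debug packSshKex."
    return "\n".join([
        pre + "gexReqDump:packSshKex.java:327 rx min=2048 best=8192 max=8192",
        pre + f"gexGroupDump:packSshKex.java:375 tx group=2 prime={p}",
        pre + f"gexInitDump:packSshKex.java:414 rx e={e}",
        pre + f"hashCalc:packSshKex.java:167 hash= da 44 be ea k={5**900} ivCS= f8 a7 94",
        "60 2c b5 encCS= 28 43 cf 2d macSC= 15 3d d1 be",  # wrapped continuation
        pre + f"gexReplyDump:packSshKex.java:462 tx f={7**700} sign= 00 00 00 0c",
    ])


if __name__ == "__main__":
    log = sample_log(3**1300)
    print(audit(log))
    print(scrub(log))
```

Records are unwrapped before redaction because a hex field that continues on the next line, as in the session above, would otherwise leave its second half in the output.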


