gnutls-commit
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-316-g36c75f9


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-316-g36c75f9
Date: Fri, 23 Jul 2010 18:16:33 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=36c75f9fc791c1e32d1d324c0264857406b4a6f9

The branch, master has been updated
       via  36c75f9fc791c1e32d1d324c0264857406b4a6f9 (commit)
      from  209f8d25c1d0a773d573137260952ce20aab2dcc (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 36c75f9fc791c1e32d1d324c0264857406b4a6f9
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Fri Jul 23 20:16:19 2010 +0200

    Follow ECRYPT II recommendations.

-----------------------------------------------------------------------

Summary of changes:
 lib/nettle/mpi.c |   15 +++++++++------
 1 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/lib/nettle/mpi.c b/lib/nettle/mpi.c
index ef91ffd..f70cd93 100644
--- a/lib/nettle/mpi.c
+++ b/lib/nettle/mpi.c
@@ -378,6 +378,9 @@ static int wrap_nettle_prime_check(bigint_t pp)
  * The algorithm is simple but probably it has to be modified to gcrypt's
  * since it is really really slow. Nature did not want 2qw+1 to be prime.
  * The generator will be the generator of a subgroup of order q-1.
+ *
+ * Algorithm based on the algorithm in "A Computational Introduction to Number 
+ * Theory and Algebra" by V. Shoup, sec 11.1 Finding a generator for Z^{*}_p
  */
 inline static int gen_group (mpz_t *prime, mpz_t* generator, unsigned int 
nbits)
 {
@@ -390,15 +393,15 @@ inline static int gen_group (mpz_t *prime, mpz_t* 
generator, unsigned int nbits)
        mpz_init(*prime);
        mpz_init(*generator);
 
-       /* security level enforcement. "Check Fine-tuned implementation of an
-        * efficient secure profile matching protocol", p.61, El-gamal key 
generation.
+       /* security level enforcement. 
+        * Values for q are selected according to ECRYPT II recommendations.
         */
-       if (nbits <= 1024) {
+       if (nbits <= 1248) {
                q_bytes = 160/8;
-       } else if (nbits <=2644) {
+       } else if (nbits <=2432) {
+               q_bytes = 224/8;
+       } else if (nbits <= 3248) {
                q_bytes = 256/8;
-       } else if (nbits <= 6897) {
-               q_bytes = 384/8;
        } else {
                q_bytes = 512/8;
        }


hooks/post-receive
-- 
GNU gnutls



reply via email to

[Prev in Thread] Current Thread [Next in Thread]