Verification of primes in /etc/ssh/moduli file

Damien Miller djm at mindrot.org
Sat Aug 21 20:06:52 AEST 2021


On Wed, 18 Aug 2021, Hubert Kario wrote:

> Hello everybody!
> 
> For the past few years we've used a tool to double-check the security of
> the primes shipped in the OpenSSH moduli file:
> https://github.com/tomato42/ecpp-verifier
> 
> In short, it uses primality certificates to mathematically prove that all 
> the 
> parameters use safe primes and a bit of simple maths to check if they're 
> not
> vulnerable to Special Number Field Sieve.
> 
> I wrote an article on why it's necessary, a high level overview how it
> does it and how you can run it yourself:
> https://www.redhat.com/en/blog/understanding-and-verifying-security-diffie-hellman-parameters

Excellent - one question: how do you generate/prove safe primes? I was
never able to figure out how to prove that both N and (N-1)/2 are prime
(though I thought it might be possible using Pocklington's criteria).

-d


More information about the openssh-unix-dev mailing list