Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Is 2048 bit key agreement possible?

5 views
Skip to first unread message

Brian Ic

unread,
Apr 24, 2002, 12:54:58 PM4/24/02
to
I am writing a program that performs D-H key agreement, and I am using
the SKIP numbers from http://skip.incog.com/spec/numbers.html.

They have a 2048 bit modulus posted there, which I use in the
following code:

static final BigInteger skipBase = BigInteger.valueOf(2);
static final BigInteger skip2048Modulus = new BigInteger(
"F64257B7087F081772A2BAD6A942F305E8F95311394FB6F16EB94B3820DA01A7"+
"56A314E98F4055F3D007C6CB43A994ADF74C648649F80C83BD65E917D4A1D350"+
"F8F5595FDC76524F3D3D8DDBCE99E1579259CDFDB8AE744FC5FC76BC83C54730"+
"61CE7CC966FF15F9BBFD915EC701AAD35B9E8DA0A5723AD41AF0BF4600582BE5"+
"F488FD584E49DBCD20B49DE49107366B336C380D451D0F7C88B31C7C5B2D8EF6"+
"F3C923C043F0A55B188D8EBB558CB85D38D334FD7C175743A31D186CDE33212C"+
"B52AFF3CE1B1294018118D7C84A70A72D686C40319C807297ACA950CD9969FAB"+
"D00A509B0246D3083D66A45D419F9C7CBD894B221926BAABA25EC355E9320B3B",16);

DHParameterSpec dhParamSpec = new DHParameterSpec(skip2048Modulus,
skipBase);
KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH");
kpg.initialize(dhParamSpec, secRnd); // <-- *** getting the
exception here
KeyPair keyPair = kpg.genKeyPair();


But, I am getting the following exception at runtime:

java.security.InvalidAlgorithmParameterException: Prime size must be
multiple of 64, and can only range from 512 to 1024 (inclusive)
at com.sun.crypto.provider.DHKeyPairGenerator.initialize(DashoA6275)
at java.security.KeyPairGenerator$Delegate.initialize(KeyPairGenerator.java:470)


I am using the Java(TM) 2 SDK, Standard Edition, v 1.4.0, and I have
installed the Unlimited Strength Java(TM) Cryptography Extension
Policy Files.

Is there no way to peform 2048 bit D-H? If not, is there another key
agreement protocol that can be performed at this higher strength?

0 new messages