The file contains the system-wide Diffie-Hellman prime moduli for the photurisd(8) and sshd(8) programs.

Each line in this file contains the following fields: Time, Type, Tests, Tries, Size, Generator and Modulus. The fields are separated by white space (tab or blank).

Time (yyyymmddhhmmss)
    Specifies the system time that the line was appended to the file. The value 00000000000000 means unknown (historic).

Type (decimal)
    Specifies the internal structure of the prime modulus.
    0    unknown; often learned from peer during protocol operation, and saved for later analysis.
         Sophie Germain (q = (p-1)/2); usually generated in the process of testing safe or strong primes.
    5    strong; useful for RSA public key generation.

Tests (decimal, bit field)
    Specifies the methods used in checking for primality. Usually, more than one test is used.
    0    not tested; often learned from peer during protocol operation, and saved for later analysis.
    1    composite; failed one or more tests. In this case, the highest bit specifies the test that failed.
    2    sieve; checked for division by a range of smaller primes.
    4    Miller-Rabin.
    8    Jacobi.
    16   Elliptic Curve.

Tries (decimal)
    Depends on the value of the highest valid Test bit, where the method specified is:
    0    not tested (always zero).
    1    composite (irrelevant).
    2    sieve; number of primes sieved. Commonly on the order of 32,000,000.
    4    Miller-Rabin; number of M-R iterations. Commonly on the order of 32 to 64.
    8    Jacobi; unknown (always zero).
    16   Elliptic Curve; unused (always zero).

Size (decimal)
    Specifies the number of significant bits.

Generator (hex string)
    Specifies the best generator for a Diffie-Hellman exchange. 0 = unknown or variable, 2, 3, 5, etc.

Modulus (hex string)
    The prime modulus.

The file is searched for moduli that meet the appropriate Time, Size and Generator criteria. When more than one meets the criteria, the selection should be weighted toward newer moduli, without completely disqualifying older moduli.
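
The following parser for the line format described above is an added example, not code from photurisd(8) or sshd(8). It decodes the Tests bit field and lists entries that meet given Size and Generator criteria. The '#' comment handling, the exclusion of untested or composite entries, the newest-first ordering and the sample lines are assumptions made for illustration.

```python
from dataclasses import dataclass

# Tests bit values as listed in the field description above.
TEST_BITS = {1: "composite", 2: "sieve", 4: "Miller-Rabin", 8: "Jacobi", 16: "Elliptic Curve"}

@dataclass
class Modulus:
    time: str
    type: int
    tests: int
    tries: int
    size: int
    generator: int
    modulus: int

    def test_names(self):
        if self.tests == 0:
            return ["not tested"]
        return [name for bit, name in TEST_BITS.items() if self.tests & bit]

def parse_moduli(text):
    """Parse moduli lines; blank lines and '#' comments are skipped (assumption)."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split()  # fields are separated by tabs or blanks
        if not fields or fields[0].startswith("#"):
            continue
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        t, typ, tests, tries, size, gen, mod = fields
        if len(t) != 14 or not t.isdigit():
            raise ValueError(f"line {lineno}: bad Time field {t!r}")
        entries.append(Modulus(t, int(typ), int(tests), int(tries),
                               int(size), int(gen, 16), int(mod, 16)))
    return entries

def usable(entries, min_size, generator):
    """Tested, non-composite entries meeting Size and Generator, newest first."""
    ok = [e for e in entries
          if e.size >= min_size and e.generator == generator
          and e.tests != 0 and not e.tests & 1]
    return sorted(ok, key=lambda e: e.time, reverse=True)

# Constructed sample lines with toy moduli, far too small for real use.
SAMPLE = """\
# Time Type Tests Tries Size Generator Modulus
20240101000000 5 6 100 5 2 17
00000000000000 0 0 0 5 2 1D
20230101000000 5 5 0 5 2 15
20220101000000 5 6 100 4 5 0B
"""
```

Sorting newest first is a simplification of the weighted selection described above; it never picks an older modulus while a newer one qualifies.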