From 3799322443fcfebe2c3a2a14deb1f3f5d2089cb7 Mon Sep 17 00:00:00 2001 From: lloyd Date: Fri, 5 Sep 2008 12:26:08 +0000 Subject: Rewrite dl_work_factor using a lookup table with data from RFC 3526, "More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)", which removes Botan's dependency on standard math library (which can be a big deal on embedded systems, and it seemed silly to have just a single function cause us to pull in potentially all of libm) Also this makes the values Botan will pick for exponent sizes more obvious; previously one would have to run through the computation or call the function and observe the output. --- src/util.cpp | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) (limited to 'src') diff --git a/src/util.cpp b/src/util.cpp index e340ee7f4..dea0778a1 100644 --- a/src/util.cpp +++ b/src/util.cpp @@ -6,7 +6,6 @@ #include #include #include -#include namespace Botan { @@ -29,23 +28,26 @@ u32bit round_down(u32bit n, u32bit align_to) } /************************************************* -* Return the work required for solving DL * +* Choose the exponent size for a DL group *************************************************/ -u32bit dl_work_factor(u32bit n_bits) +u32bit dl_work_factor(u32bit bits) { - const u32bit MIN_ESTIMATE = 64; - - if(n_bits < 32) - return 0; - - const double log_x = n_bits / 1.44; - - const double strength = - 2.76 * std::pow(log_x, 1.0/3.0) * std::pow(std::log(log_x), 2.0/3.0); - - if(strength > MIN_ESTIMATE) - return static_cast(strength); - return MIN_ESTIMATE; + /* + These values were taken from RFC 3526 + */ + if(bits <= 1536) + return 90; + else if(bits <= 2048) + return 110; + else if(bits <= 3072) + return 130; + else if(bits <= 4096) + return 150; + else if(bits <= 6144) + return 170; + else if(bits <= 8192) + return 190; + return 256; } /************************************************* -- cgit v1.2.3