1.\" $OpenBSD: moduli.5,v 1.3 2001/06/24 18:50:52 provos Exp $ 2.\" 3.\" Copyright 1997, 2000 William Allen Simpson <wsimpson@greendragon.com> 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software designed by William Allen Simpson. 17.\" 4. The name of the author may not be used to endorse or promote products 18.\" derived from this software without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 21.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 22.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 23.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 24.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 25.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 29.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30.\" 31.\" Manual page, using -mandoc macros 32.\" 33.Dd July 28, 1997 34.Dt MODULI 5 35.Os 36.Sh NAME 37.Nm moduli 38.Nd system moduli file 39.Sh DESCRIPTION 40The 41.Pa /etc/moduli 42file contains the system-wide Diffie-Hellman prime moduli for the 43.Xr photurisd 8 44and 45.Xr sshd 8 46programs. 47.Pp 48Each line in this file contains the following fields: 49Time, Type, Tests, Tries, Size, Generator, Modulus. 50The fields are separated by white space (tab or blank). 51.Pp 52.Fa Time : yyyymmddhhmmss . 53Specifies the system time that the line was appended to the file. 54The value 00000000000000 means unknown (historic). 55.\"The file is sorted in ascending order. 56.Pp 57.Fa Type : decimal . 58Specifies the internal structure of the prime modulus. 59.Pp 60.Bl -tag -width indent -offset indent -compact 61.It 0 : 62unknown; 63often learned from peer during protocol operation, 64and saved for later analysis. 65.It 1 : 66unstructured; 67a common large number. 68.It 2 : 69safe (p = 2q + 1); 70meets basic structural requirements. 71.It 3 : 72Schnorr. 73.It 4 : 74Sophie-Germaine (q = (p-1)/2); 75usually generated in the process of testing safe or strong primes. 76.It 5 : 77strong; 78useful for RSA public key generation. 79.El 80.Pp 81.Fa Tests : decimal (bit field) . 82Specifies the methods used in checking for primality. 83Usually, more than one test is used. 84.Pp 85.Bl -tag -width indent -offset indent -compact 86.It 0 : 87not tested; 88often learned from peer during protocol operation, 89and saved for later analysis. 90.It 1 : 91composite; 92failed one or more tests. 93In this case, the highest bit specifies the test that failed. 94.It 2 : 95sieve; 96checked for division by a range of smaller primes. 97.It 4 : 98Miller-Rabin. 99.It 8 : 100Jacobi. 101.It 16 : 102Elliptic Curve. 103.El 104.Pp 105.Fa Tries : decimal . 106Depends on the value of the highest valid Test bit, 107where the method specified is: 108.Pp 109.Bl -tag -width indent -offset indent -compact 110.It 0 : 111not tested 112(always zero). 113.It 1 : 114composite 115(irrelevant). 116.It 2 : 117sieve; 118number of primes sieved. 119Commonly on the order of 32,000,000. 120.It 4 : 121Miller-Rabin; 122number of M-R iterations. 123Commonly on the order of 32 to 64. 124.It 8 : 125Jacobi; 126unknown 127(always zero). 128.It 16 : 129Elliptic Curve; 130unused 131(always zero). 132.El 133.Pp 134.Fa Size : decimal . 135Specifies the number of significant bits. 136.Pp 137.Fa Generator : hex string . 138Specifies the best generator for a Diffie-Hellman exchange. 1390 = unknown or variable, 1402, 3, 5, etc. 141.Pp 142.Fa Modulus : hex string . 143The prime modulus. 144.Pp 145The file is searched for moduli that meet the appropriate 146Time, Size and Generator criteria. 147When more than one meet the criteria, 148the selection should be weighted toward newer moduli, 149without completely disqualifying older moduli. 150.Sh FILES 151.Bl -tag -width /etc/moduli -compact 152.It Pa /etc/moduli 153.El 154.Sh SEE ALSO 155.Xr photurisd 8 , 156.Xr sshd 8 157 158