daohualiuxiang
/
node
mirror of https://github.com/nodejs/node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
node/doc
History
Bill Automata e136c179c1 doc: update crypto docs to use good defaults 
[Diffie-Hellman](https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange#Cryptographic_explanation)
keys are composed of a `generator` a `prime` a `secret_key`
and the `public_key` resulting from the math operation:

```
(generator ^ secret_key) mod prime = public_key
```

Diffie-Hellman keypairs will compute a matching shared secret
if and only if the generator and prime match for both
recipients.  The generator is usually **2** and the prime is
what is called a [Safe Prime](https://en.wikipedia.org/wiki/Safe_prime).

Usually this matching is accomplished by using
[standard published groups](http://tools.ietf.org/html/rfc3526).
We expose access those groups with the `crypto.getDiffieHellman`
function.

`createDiffieHellman` is trickier to use.  The original example
had the user creating 11 bit keys, and creating random groups of
generators and primes. 11 bit keys are very very small, can be
cracked by a single person on a single sheet of paper.  A
byproduct of using such small keys were that it was a high
likelihood that two calls of `createDiffieHellman(11)` would
result in using the same 11 bit safe prime.

The original example code would fail when the safe primes generated
at 11 bit lengths did not match for alice and bob.

If you want to use your own generated safe `prime` then the proper
use of `createDiffieHellman` is to pass the `prime` and `generator`
to the recipient's constructor, so that when they compute the shared
secret their `prime` and `generator` match, which is fundamental to
the algorithm.

PR-URL: https://github.com/nodejs/node/pull/5505
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
 		2016-03-21 16:49:46 -07:00
..
api doc: update crypto docs to use good defaults 2016-03-21 16:49:46 -07:00
api_assets doc: update link green to match homepage 2016-03-03 19:41:47 +01:00
ctc-meetings doc: add CTC meeting minutes 2016-02-10 2016-03-21 15:54:35 -07:00
guides doc: add "building node with ninja" guide 2016-02-23 12:23:45 -05:00
topics doc: topic blocking vs non-blocking 2016-03-19 15:19:15 +02:00
tsc-meetings doc: add TSC meeting minutes 2015-10-21 2015-10-26 09:36:42 -07:00
full-white-stripe.jpg build: update Node.js logo on Win installer 2016-03-06 20:22:36 -06:00
node.1 doc: reformat & improve node.1 manual page 2016-03-16 13:49:40 -04:00
onboarding-extras.md doc: add onboarding resources 2016-03-14 11:35:04 -04:00
onboarding.md doc: add onboarding resources 2016-03-14 11:35:04 -04:00
osx_installer_logo.png build: update Node.js logo on OSX installer 2016-02-27 16:49:56 +11:00
releases.md docs: update link to iojs+release ci job 2016-03-10 18:48:09 -08:00
template.html doc: improve scrolling, various CSS tweaks 2016-02-14 05:46:18 +01:00
thin-white-stripe.jpg build: update Node.js logo on Win installer 2016-03-06 20:22:36 -06:00