From 20d7c7b02c92c28007dba8b08e617a415146d1df Mon Sep 17 00:00:00 2001
From: Ben Lindstrom <mouring@eviladmin.org>
Date: Wed, 4 Apr 2001 01:56:17 +0000
Subject:    - markus@cvs.openbsd.org 2001/04/03 19:53:29      [dh.c dh.h kex.c
 kex.h sshconnect2.c sshd.c]      move kex to kex*.c, used dispatch_set()
 callbacks for kex. should      make rekeying easier.

---
 dh.c | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

(limited to 'dh.c')

diff --git a/dh.c b/dh.c
index 6c53b003..03b9fd1b 100644
--- a/dh.c
+++ b/dh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.11 2001/03/29 21:17:39 markus Exp $");
+RCSID("$OpenBSD: dh.c,v 1.12 2001/04/03 19:53:29 markus Exp $");
 
 #include "xmalloc.h"
 
@@ -273,3 +273,22 @@ dh_new_group1(void)
 
 	return (dh_new_group_asc(gen, group1));
 }
+
+/*
+ * Estimates the group order for a Diffie-Hellman group that has an
+ * attack complexity approximately the same as O(2**bits).  Estimate
+ * with:  O(exp(1.9223 * (ln q)^(1/3) (ln ln q)^(2/3)))
+ */
+
+int
+dh_estimate(int bits)
+{
+
+	if (bits < 64)
+		return (512);	/* O(2**63) */
+	if (bits < 128)
+		return (1024);	/* O(2**86) */
+	if (bits < 192)
+		return (2048);	/* O(2**116) */
+	return (4096);		/* O(2**156) */
+}
-- 
cgit v1.2.3