The Diffie-Hellman encryption key (DH Key) is made up of two values, P and G, which allows two hosts to create and share a secret key to ensure the confidentiality of the encryption key exchange between initiator and acceptor.
The P and G parameters are both public to the system. P is a large prime number, and G is chosen so it is a small primitive root of P, that is, G is a primitive root if and only if G^((P-1)/q) mod P > 1 for all prime divisors q of P-1.
The basic calculation is: G^X mod (P).
The variable X is a private number that each user keeps to themselves. Each uses their private key X to calculate their public key, such that:
PublicKeyUser1 = G^x mod (P) PublicKeyUser2 = G^y mod (P)
Each user transmits their Public key so that User 2 has PublicKeyUser1 and User 1 has PublicKeyUser2.
User1 computes: K1 = (PublicKeyUser2) ^x mod (P)
User2 computes: K2 = (PublicKeyUser1) ^y mod (P)
Default Property Value for DHKeyP2048
This 2048 bit DHKeyP is supplied with Teradata Vantage (represented in hex code):
DHKeyP2048="8AB3F86E8D374B782F31DAD5F27D6AFDA30150C11A20CF6346712AE2D2C6B70A5B79D45D4C0C232A065B207B121B2C33E147B5983C38A1087F272703B0B839CBA6F71C5D0EB51EC890934EACF2C7DD2A1DF6F55E89B145A0359D35EF8FB6C561E157B13FF927A35E69963648614902B1034EF71197F545DEF3236244EADAE0689E624CF1245953630AE042BD797C4025E37C51D9F6CBDA0B2278FA7D5CA2D9CA930BE2968330C811A4BA4D0845333C0D62E3EE742154F6B62F2951CD8C73C43B5AA1C7819DEF1D7C9314411E465F8E4796666594AADE0AEB3F1256E5719E7AE54DD34FFDA949634E4A293C5BC60AF258BB9FE558086E83B3DD3D7491966DEE93"
Default Property Value for DHKeyG2048
This 2048 bit DHKeyG is supplied with Teradata Vantage (represented in hex code):
DHKeyG2048="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005"
Default Property Values for Legacy DHKeyG and DHKeyP
<!-- DHKeyP and DHKeyG are for legacy (pre-14.0) use only --> DHKeyP="E4BE0A78F54C4A0B17E7E9249A78BCC08868C17281D8463C880937853E73DDC787E41580A8AFE2594D984C9E0814C590790354ECCD1BE8EA85961E5E0974B32EFE178335F061E80189B4BDAA20F67B47" DHKeyG="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005"
Editing Guidelines
- In high security environments, you can replace the preset key and/or rotate keys periodically to minimize the chance that the key can be compromised.
- If you edit DHKeyP2048, you should also edit DHKeyG2048.
- You can edit this property only on all nodes and on the Unity server. Also see Coordinating Mechanism Property Values for Unity.
- You can use any DH Key with a supported key length. See KeyLength, KeyLengthP.