The Diffie-Hellman encryption key (DH Key) is made up of two values, P and G, which allows two hosts to create and share a secret key to ensure the confidentiality of the encryption key exchange between initiator and acceptor.
The P and G parameters are both public to the system. P is a large prime number, and G is chosen so it is a small primitive root of P. Each user has X, a private number. Each uses their private key X to calculate their public key. Users transmit their Public key so that User 2 has PublicKeyUser1 and User 1 has PublicKeyUser2.
There are two sets of DH keys: DHKeyP/DHkeyG and DHKeyP2048/DHKeyG2048. The first pair is 640 bit, which is only supported for compatibility with pre-TD 14.0 systems. In cases where the client and server are both TD 14.0 or higher, the 640 bit keys are never used.
Default Property Value for DHKeyP2048
This 2048 bit DHKeyP is supplied with Teradata Vantage (represented in hex code):
DHKeyP2048="8AB3F86E8D374B782F31DAD5F27D6AFDA30150C11A20CF6346712AE2D2C6B70A5B79D45D4C0C232A065B207B121B2C33E147B5983C38A1087F272703B0B839CBA6F71C5D0EB51EC890934EACF2C7DD2A1DF6F55E89B145A0359D35EF8FB6C561E157B13FF927A35E69963648614902B1034EF71197F545DEF3236244EADAE0689E624CF1245953630AE042BD797C4025E37C51D9F6CBDA0B2278FA7D5CA2D9CA930BE2968330C811A4BA4D0845333C0D62E3EE742154F6B62F2951CD8C73C43B5AA1C7819DEF1D7C9314411E465F8E4796666594AADE0AEB3F1256E5719E7AE54DD34FFDA949634E4A293C5BC60AF258BB9FE558086E83B3DD3D7491966DEE93"
Default Property Value for DHKeyG2048
This 2048 bit DHKeyG is supplied with Teradata Vantage (represented in hex code):
DHKeyG2048="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005"
Default Property Values for Legacy DHKeyG and DHKeyP
<!-- DHKeyP and DHKeyG are for legacy (pre-14.0) use only --> DHKeyP="E4BE0A78F54C4A0B17E7E9249A78BCC08868C17281D8463C880937853E73DDC787E41580A8AFE2594D984C9E0814C590790354ECCD1BE8EA85961E5E0974B32EFE178335F061E80189B4BDAA20F67B47" DHKeyG="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005"
Editing Guidelines
- In high security environments, you can replace the preset key and/or rotate keys periodically to minimize the chance that the key can be compromised.
- If you edit DHKeyP2048, you should also edit DHKeyG2048.
- You can edit this property only on all nodes.
- You can use any DH Key with a supported key length. See KeyLength and KeyLengthP.