TDGSS DHKeyP/DHKeyG Property | Teradata Vantage - DHKeyP and DHKeyG - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-02-29
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantageā„¢

The Diffie-Hellman encryption key (DH Key) is made up of two values, P and G, which allows two hosts to create and share a secret key to ensure the confidentiality of the encryption key exchange between initiator and acceptor.

The P and G parameters are both public to the system. P is a large prime number, and G is chosen so it is a small primitive root of P. Each user has X, a private number. Each uses their private key X to calculate their public key. Users transmit their Public key so that User 2 has PublicKeyUser1 and User 1 has PublicKeyUser2.

There are two sets of DH keys: DHKeyP/DHkeyG and DHKeyP2048/DHKeyG2048. The first pair is 640 bit, which is only supported for compatibility with pre-TD 14.0 systems. In cases where the client and server are both TD 14.0 or higher, the 640 bit keys are never used.

Default Property Value for DHKeyP2048

This 2048 bit DHKeyP is supplied with Teradata Vantage (represented in hex code):

DHKeyP2048="8AB3F86E8D374B782F31DAD5F27D6AFDA30150C11A20CF6346712AE2D2C6B70A5B79D45D4C0C232A065B207B121B2C33E147B5983C38A1087F272703B0B839CBA6F71C5D0EB51EC890934EACF2C7DD2A1DF6F55E89B145A0359D35EF8FB6C561E157B13FF927A35E69963648614902B1034EF71197F545DEF3236244EADAE0689E624CF1245953630AE042BD797C4025E37C51D9F6CBDA0B2278FA7D5CA2D9CA930BE2968330C811A4BA4D0845333C0D62E3EE742154F6B62F2951CD8C73C43B5AA1C7819DEF1D7C9314411E465F8E4796666594AADE0AEB3F1256E5719E7AE54DD34FFDA949634E4A293C5BC60AF258BB9FE558086E83B3DD3D7491966DEE93"

Default Property Value for DHKeyG2048

This 2048 bit DHKeyG is supplied with Teradata Vantage (represented in hex code):

DHKeyG2048="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005"

Default Property Values for Legacy DHKeyG and DHKeyP

<!-- DHKeyP and DHKeyG are for legacy (pre-14.0) use only -->
DHKeyP="E4BE0A78F54C4A0B17E7E9249A78BCC08868C17281D8463C880937853E73DDC787E41580A8AFE2594D984C9E0814C590790354ECCD1BE8EA85961E5E0974B32EFE178335F061E80189B4BDAA20F67B47"
DHKeyG="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005"

Editing Guidelines

  • In high security environments, you can replace the preset key and/or rotate keys periodically to minimize the chance that the key can be compromised.
  • If you edit DHKeyP2048, you should also edit DHKeyG2048.
  • You can edit this property only on all nodes.
  • You can use any DH Key with a supported key length. See KeyLength and KeyLengthP.