diff --git a/CryptoConst.cpp b/CryptoConst.cpp
index 045c8989..60100e99 100644
--- a/CryptoConst.cpp
+++ b/CryptoConst.cpp
@@ -5,7 +5,7 @@ namespace i2p
 {
 namespace crypto
 {
-	const uint8_t elgp_[256]=
+	static const uint8_t elgp_[256]=
 	{
 		0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 
 		0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 
@@ -25,10 +25,19 @@ namespace crypto
 		0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
 	};
 
-	const CryptoPP::Integer elgp (elgp_, 256);
-	const CryptoPP::Integer elgg (2); 
+	const CryptoPP::Integer& elgp()
+	{
+		static CryptoPP::Integer value(elgp_, 256);
+		return value;
+	}
+
+	const CryptoPP::Integer& elgg()
+	{
+		static CryptoPP::Integer value(2);
+		return value;
+	}
 	
-	const uint8_t dsap_[128]=
+	static const uint8_t dsap_[128]=
 	{
 		0x9c, 0x05, 0xb2, 0xaa, 0x96, 0x0d, 0x9b, 0x97, 0xb8, 0x93, 0x19, 0x63, 0xc9, 0xcc, 0x9e, 0x8c,
 		0x30, 0x26, 0xe9, 0xb8, 0xed, 0x92, 0xfa, 0xd0, 0xa6, 0x9c, 0xc8, 0x86, 0xd5, 0xbf, 0x80, 0x15,
@@ -40,13 +49,13 @@ namespace crypto
 		0x28, 0x5d, 0x4c, 0xf2, 0x95, 0x38, 0xd9, 0xe3, 0xb6, 0x05, 0x1f, 0x5b, 0x22, 0xcc, 0x1c, 0x93
 	};
 
-	const uint8_t dsaq_[20]=
+	static const uint8_t dsaq_[20]=
 	{
 		0xa5, 0xdf, 0xc2, 0x8f, 0xef, 0x4c, 0xa1, 0xe2, 0x86, 0x74, 0x4c, 0xd8, 0xee, 0xd9, 0xd2, 0x9d,
 		0x68, 0x40, 0x46, 0xb7
 	};
 
-	const uint8_t dsag_[128]=
+	static const uint8_t dsag_[128]=
 	{
 		0x0c, 0x1f, 0x4d, 0x27, 0xd4, 0x00, 0x93, 0xb4, 0x29, 0xe9, 0x62, 0xd7, 0x22, 0x38, 0x24, 0xe0,
 		0xbb, 0xc4, 0x7e, 0x7c, 0x83, 0x2a, 0x39, 0x23, 0x6f, 0xc6, 0x83, 0xaf, 0x84, 0x88, 0x95, 0x81,
@@ -58,9 +67,24 @@ namespace crypto
 		0xb3, 0xdb, 0xb1, 0x4a, 0x90, 0x5e, 0x7b, 0x2b, 0x3e, 0x93, 0xbe, 0x47, 0x08, 0xcb, 0xcc, 0x82  
 	};
 
-	const CryptoPP::Integer dsap (dsap_, 128); 
-	const CryptoPP::Integer dsaq (dsaq_, 20);
-	const CryptoPP::Integer dsag (dsag_, 128);
+	const CryptoPP::Integer& dsap()
+	{
+		static CryptoPP::Integer value(dsap_, 128);
+		return value;
+	}
+
+	const CryptoPP::Integer& dsaq()
+	{
+		static CryptoPP::Integer value(dsaq_, 20);
+		return value;
+	}
+
+	const CryptoPP::Integer& dsag()
+	{
+		static CryptoPP::Integer value(dsag_, 128);
+		return value;
+	}
+
 }
 }
 
diff --git a/CryptoConst.h b/CryptoConst.h
index f96467f5..e126e6bd 100644
--- a/CryptoConst.h
+++ b/CryptoConst.h
@@ -8,14 +8,13 @@ namespace i2p
 namespace crypto
 {
 	// DH	
-	extern const CryptoPP::Integer elgp;
-	extern const CryptoPP::Integer elgg; 
-
+	const CryptoPP::Integer& elgp();
+	const CryptoPP::Integer& elgg();
 
 	// DSA
-	extern const CryptoPP::Integer dsap;		
-	extern const CryptoPP::Integer dsaq;
-	extern const CryptoPP::Integer dsag;	
+	const CryptoPP::Integer& dsap();
+	const CryptoPP::Integer& dsaq();
+	const CryptoPP::Integer& dsag();
 }		
 }	
 
diff --git a/ElGamal.h b/ElGamal.h
index b3f0e44f..141ceff1 100644
--- a/ElGamal.h
+++ b/ElGamal.h
@@ -18,8 +18,8 @@ namespace crypto
 		public:
 
 			ElGamalEncryption (const uint8_t * key):
-				y (key, 256), k (rnd, CryptoPP::Integer::One(), elgp-1),
-				a (a_exp_b_mod_c (elgg, k, elgp)), b1 (a_exp_b_mod_c (y, k, elgp))
+				y (key, 256), k (rnd, CryptoPP::Integer::One(), elgp() - 1),
+				a (a_exp_b_mod_c (elgg(), k, elgp())), b1 (a_exp_b_mod_c (y, k, elgp()))
 			{
 			}
 
@@ -30,7 +30,7 @@ namespace crypto
 				m[0] = 0xFF;
 				memcpy (m+33, data, len);
 				CryptoPP::SHA256().CalculateDigest(m+1, m+33, 222);
-				CryptoPP::Integer b (a_times_b_mod_c (b1, CryptoPP::Integer (m, 255), elgp));
+				CryptoPP::Integer b (a_times_b_mod_c (b1, CryptoPP::Integer (m, 255), elgp()));
 
 				// copy a and b
 				if (zeroPadding)
@@ -60,7 +60,7 @@ namespace crypto
 		CryptoPP::Integer x(key, 256), a(zeroPadding? encrypted +1 : encrypted, 256), 
 			b(zeroPadding? encrypted + 258 :encrypted + 256, 256);
 		uint8_t m[255], hash[32];
-		a_times_b_mod_c (b, a_exp_b_mod_c (a, elgp - x - 1, elgp), elgp).Encode (m, 255);
+		a_times_b_mod_c (b, a_exp_b_mod_c (a, elgp() - x - 1, elgp()), elgp()).Encode (m, 255);
 		CryptoPP::SHA256().CalculateDigest(hash, m+33, 222);
 		for (int i = 0; i < 32; i++)
 			if (hash[i] != m[i+1])
diff --git a/Identity.cpp b/Identity.cpp
index 756eaec3..12e9df29 100644
--- a/Identity.cpp
+++ b/Identity.cpp
@@ -52,13 +52,13 @@ namespace data
 		CryptoPP::AutoSeededRandomPool rnd;
 
 		// encryption
-		CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
+		CryptoPP::DH dh (i2p::crypto::elgp(), i2p::crypto::elgg());
 		dh.GenerateKeyPair(rnd, keys.privateKey, keys.publicKey);
 
 		// signing
 		CryptoPP::DSA::PrivateKey privateKey;
 		CryptoPP::DSA::PublicKey publicKey;
-		privateKey.Initialize (rnd, i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag);
+		privateKey.Initialize (rnd, i2p::crypto::dsap(), i2p::crypto::dsaq(), i2p::crypto::dsag());
 		privateKey.MakePublicKey (publicKey);
 		privateKey.GetPrivateExponent ().Encode (keys.signingPrivateKey, 20);	
 		publicKey.GetPublicElement ().Encode (keys.signingKey, 128);
@@ -70,7 +70,7 @@ namespace data
 	{
 		if (!keys) return;
 		CryptoPP::AutoSeededRandomPool rnd;
-		CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
+		CryptoPP::DH dh (i2p::crypto::elgp(), i2p::crypto::elgg());
 		dh.GenerateKeyPair(rnd, keys->privateKey, keys->publicKey);
 	}
 
diff --git a/LeaseSet.cpp b/LeaseSet.cpp
index 7a7ebbc0..2a1dd30b 100644
--- a/LeaseSet.cpp
+++ b/LeaseSet.cpp
@@ -50,7 +50,7 @@ namespace data
 		
 		// verify
 		CryptoPP::DSA::PublicKey pubKey;
-		pubKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag, 
+		pubKey.Initialize (i2p::crypto::dsap(), i2p::crypto::dsaq(), i2p::crypto::dsag(), 
 			CryptoPP::Integer (m_Identity.signingKey, 128));
 		CryptoPP::DSA::Verifier verifier (pubKey);
 		if (!verifier.VerifyMessage (buf, leases - buf, leases, 40))
diff --git a/NTCPSession.cpp b/NTCPSession.cpp
index 9930dead..032b301a 100644
--- a/NTCPSession.cpp
+++ b/NTCPSession.cpp
@@ -33,7 +33,7 @@ namespace ntcp
 
 	void NTCPSession::CreateAESKey (uint8_t * pubKey, uint8_t * aesKey)
 	{
-		CryptoPP::DH dh (elgp, elgg);
+		CryptoPP::DH dh (elgp(), elgg());
 		uint8_t sharedKey[256];
 		if (!dh.Agree (sharedKey, m_DHKeysPair->privateKey, pubKey))
 		{    
@@ -303,7 +303,7 @@ namespace ntcp
 			s.tsB = tsB;
 			
 			CryptoPP::DSA::PublicKey pubKey;
-			pubKey.Initialize (dsap, dsaq, dsag, CryptoPP::Integer (m_RemoteRouterInfo.GetRouterIdentity ().signingKey, 128));
+			pubKey.Initialize (dsap(), dsaq(), dsag(), CryptoPP::Integer (m_RemoteRouterInfo.GetRouterIdentity ().signingKey, 128));
 			CryptoPP::DSA::Verifier verifier (pubKey);
 			if (!verifier.VerifyMessage ((uint8_t *)&s, sizeof(s), m_Phase3.signature, 40))
 			{	
@@ -370,7 +370,7 @@ namespace ntcp
 			s.tsB = m_Phase2.encrypted.timestamp;
 
 			CryptoPP::DSA::PublicKey pubKey;
-			pubKey.Initialize (dsap, dsaq, dsag, CryptoPP::Integer (m_RemoteRouterInfo.GetRouterIdentity ().signingKey, 128));
+			pubKey.Initialize (dsap(), dsaq(), dsag(), CryptoPP::Integer (m_RemoteRouterInfo.GetRouterIdentity ().signingKey, 128));
 			CryptoPP::DSA::Verifier verifier (pubKey);
 			if (!verifier.VerifyMessage ((uint8_t *)&s, sizeof(s), m_Phase4.signature, 40))
 			{	
diff --git a/RouterContext.cpp b/RouterContext.cpp
index bde075ad..5db7a3ef 100644
--- a/RouterContext.cpp
+++ b/RouterContext.cpp
@@ -19,7 +19,7 @@ namespace i2p
 	void RouterContext::CreateNewRouter ()
 	{
 		m_Keys = i2p::data::CreateRandomKeys ();
-		m_SigningPrivateKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag, 
+		m_SigningPrivateKey.Initialize (i2p::crypto::dsap(), i2p::crypto::dsaq(), i2p::crypto::dsag(), 
 			CryptoPP::Integer (m_Keys.signingPrivateKey, 20));
 		UpdateRouterInfo ();
 	}
@@ -76,7 +76,7 @@ namespace i2p
 		if (!fk.is_open ())	return false;
 			
 		fk.read ((char *)&m_Keys, sizeof (m_Keys));
-		m_SigningPrivateKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag, 
+		m_SigningPrivateKey.Initialize (i2p::crypto::dsap(), i2p::crypto::dsaq(), i2p::crypto::dsag(), 
 			CryptoPP::Integer (m_Keys.signingPrivateKey, 20));
 
 		m_RouterInfo = i2p::data::RouterInfo (i2p::util::filesystem::GetFullPath (ROUTER_INFO).c_str ()); // TODO
diff --git a/RouterInfo.cpp b/RouterInfo.cpp
index 9ffe7edf..327ae2cb 100644
--- a/RouterInfo.cpp
+++ b/RouterInfo.cpp
@@ -66,7 +66,7 @@ namespace data
 		ReadFromStream (str);
 		// verify signature
 		CryptoPP::DSA::PublicKey pubKey;
-		pubKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag, CryptoPP::Integer (m_RouterIdentity.signingKey, 128));
+		pubKey.Initialize (i2p::crypto::dsap(), i2p::crypto::dsaq(), i2p::crypto::dsag(), CryptoPP::Integer (m_RouterIdentity.signingKey, 128));
 		CryptoPP::DSA::Verifier verifier (pubKey);
 		int l = m_BufferLen - 40;
 		if (!verifier.VerifyMessage ((uint8_t *)m_Buffer, l, (uint8_t *)m_Buffer + l, 40))
diff --git a/SSU.cpp b/SSU.cpp
index c7b180ef..6754ce65 100644
--- a/SSU.cpp
+++ b/SSU.cpp
@@ -31,7 +31,7 @@ namespace ssu
 	
 	void SSUSession::CreateAESandMacKey (const uint8_t * pubKey)
 	{
-		CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
+		CryptoPP::DH dh (i2p::crypto::elgp(), i2p::crypto::elgg());
 		uint8_t sharedKey[256];
 		if (!dh.Agree (sharedKey, m_DHKeysPair->privateKey, pubKey))
 		{    
@@ -211,7 +211,7 @@ namespace ssu
 		m_SessionKeyDecryption.Decrypt (payload, 48, payload);
 		// verify
 		CryptoPP::DSA::PublicKey pubKey;
-		pubKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag, CryptoPP::Integer (m_RemoteRouter->GetRouterIdentity ().signingKey, 128));
+		pubKey.Initialize (i2p::crypto::dsap(), i2p::crypto::dsaq(), i2p::crypto::dsag(), CryptoPP::Integer (m_RemoteRouter->GetRouterIdentity ().signingKey, 128));
 		CryptoPP::DSA::Verifier verifier (pubKey);
 		if (!verifier.VerifyMessage (signedData, 532, payload, 40))
 			LogPrint ("SSU signature verification failed");
diff --git a/Streaming.cpp b/Streaming.cpp
index 86105ca0..afb8027a 100644
--- a/Streaming.cpp
+++ b/Streaming.cpp
@@ -336,9 +336,9 @@ namespace stream
 		m_Keys = i2p::data::CreateRandomKeys ();
 
 		m_IdentHash = m_Keys.pub.Hash ();
-		m_SigningPrivateKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag, 
+		m_SigningPrivateKey.Initialize (i2p::crypto::dsap(), i2p::crypto::dsaq(), i2p::crypto::dsag(), 
 			CryptoPP::Integer (m_Keys.signingPrivateKey, 20));
-		CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
+		CryptoPP::DH dh (i2p::crypto::elgp(), i2p::crypto::elgg());
 		dh.GenerateKeyPair(i2p::context.GetRandomNumberGenerator (), m_EncryptionPrivateKey, m_EncryptionPublicKey);
 		m_Pool = i2p::tunnel::tunnels.CreateTunnelPool (*this);
 	}
@@ -352,9 +352,9 @@ namespace stream
 			LogPrint ("Can't open file ", fullPath);
 
 		m_IdentHash = m_Keys.pub.Hash ();
-		m_SigningPrivateKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag, 
+		m_SigningPrivateKey.Initialize (i2p::crypto::dsap(), i2p::crypto::dsaq(), i2p::crypto::dsag(), 
 			CryptoPP::Integer (m_Keys.signingPrivateKey, 20));
-		CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
+		CryptoPP::DH dh (i2p::crypto::elgp(), i2p::crypto::elgg());
 		dh.GenerateKeyPair(i2p::context.GetRandomNumberGenerator (), m_EncryptionPrivateKey, m_EncryptionPublicKey);
 		m_Pool = i2p::tunnel::tunnels.CreateTunnelPool (*this);
 	}