[cryptography] Duplicate primes in lots of RSA moduli

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Feb 15 18:57:20 EST 2012


Alexander Klimov <alserkli at inbox.ru> writes:

>While the RSA may be easier to break if the entropy during the key 
>*generation* is low, the DSA is easier to break if the entropy during the key 
>*use* is low. Obviously, if you have access only to the public keys, the first 
>issue is more spectacular, but usually a key is used more often than generated.

My thoughts exactly, I've always stayed away from DLP-based PKCs (except DH) 
because they're extraordinarily brittle, with RSA you have to get entropy use 
right just once, with DLP PKCs you have to get it right every single time you 
use them.  For embedded systems in particular that's just too risky.

Peter.



More information about the cryptography mailing list