[cryptography] Duplicate primes in lots of RSA moduli

Jeffrey Schiller jis at qyv.net
Thu Feb 16 13:28:52 EST 2012


> Are you thinking this is because it causes the entropy estimate in the RNG to be higher than it really is? Last time I checked OpenSSL it didn't block requests for numbers in cases of low entropy estimates anyway, so line 3 wouldn't reduce security for that reason.

I  am thinking this because in low entropy cases where multiple boxes generate the same first prime adding that additional entropy before the second prime is generated means they are likely to generate a different second prime leading to the GCD attack.

-Jeff (sent from my phone, sorry about any typos!)


More information about the cryptography mailing list