[cryptography] RSA Moduli (NetLock Minositett Kozjegyzoi Certificate)
smb at cs.columbia.edu
Sun Mar 25 10:33:32 EDT 2012
On Mar 25, 2012, at 1:16 PM, Florian Weimer wrote:
> * Thierry Moreau:
>> The unusual public RSA exponent may well be an indication that the
>> signature key pair was generated by a software implementation not
>> encompassing the commonly-agreed (among number-theoreticians having
>> surveyed the field) desirable strategies.
> I don't think this conclusion is warranted. Most textbooks covering
> RSA do not address key generation in much detail. Even the Menezes et
> al. (1996) is a bit sketchy, but it mentions e=3 and e=2**16+1 as
> "used in practice". Knuth (1981) fixes e=3. On the other side, two
> popular cryptography textbooks, Schneier (1996) and Stinson (2002),
> recommend to choose e randomly. None of these sources gives precise
> guidance on how to generate the key material, although Menezes et al.
> gives several examples of what you should not do.
2^16+1 (or numbers of that pattern) give good performance for encryption
or for signature verification. NIST's standards require that public
keys be odd, positive [sic] integers between 65537 and 2^256-1
--Steve Bellovin, https://www.cs.columbia.edu/~smb
More information about the cryptography