Re: gnupg rsa question // why use e of 41 ?
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


sci.crypt archive

Re: gnupg rsa question // why use e of 41 ?

From: <tomstdenis@gmail.com>
Date: Sun Apr 30 2006 - 13:38:47 CEST



daniel bleichenbacher wrote:


> Sorry, I do not agree with this opinion. There are many attacks that


> work


> well with very small exponents such as e=3, but don't work or are much


> harder with e=65537 or larger. Of course these attacks can be avoided


> if implemented correctly. But implementations do have mistakes. And


> from


> analysing many cryptographic libraries I know that these libraries have


> much


> more mistakes that one commonly expects. Thus, to me it seems to be a


> good


> idea to make RSA implementations more robust by avoiding the smallest


> exponents. In fact, I'd even avoid e=41 and just generally use at least


> e=65537.



Without padding even e=65537 is not secure.



What's your point?



Tom


Received on Mon May  1 02:06:19 2006