From: Mike Ingle <MIKEINGLE@delphi.com>
To: cypherpunks@toad.com
Message Hash: 58a43c25e64c5177255ec95e2de768af7fa9c0c001ee0e23e4d0005ae1c30947
Message ID: <01H7QC1A386W99ENND@delphi.com>
Reply To: N/A
UTC Datetime: 1994-01-16 05:38:10 UTC
Raw Date: Sat, 15 Jan 94 21:38:10 PST
From: Mike Ingle <MIKEINGLE@delphi.com>
Date: Sat, 15 Jan 94 21:38:10 PST
To: cypherpunks@toad.com
Subject: PGP's e exponent too small?
Message-ID: <01H7QC1A386W99ENND@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain
Is the e exponent in PGP too small? It's usually 17 decimal.
Applied Cryptography pp. 287-288 says:
"Low Exponent Attack Against RSA
Another suggestion to 'improve' RSA is to use low values for e, the public
key. This makes encryption fast and easy to perform. Unfortunately, it is
also insecure. Hastad demonstrated a successful attack against RSA with a
low encryption key [417]. Another attack by Michael Wiener will recover e,
when e is up to one quarter the size of n [878]. A low decryption key, d,
is just as serious a problem. Moral: Choose large values for e and d."
--- Mike
P.S. Anyone know where to get a Capstone chip?
Return to January 1994
Return to “Mike Ingle <MIKEINGLE@delphi.com>”
1994-01-16 (Sat, 15 Jan 94 21:38:10 PST) - PGP’s e exponent too small? - Mike Ingle <MIKEINGLE@delphi.com>