From: trollins@debbie.telos.com (Tom Rollins)
To: N/A
Message Hash: c8e36689c67de7325f4291138d3b28eac7d86077b19d432c68e5dc75487d759e
Message ID: <9406262335.AA04103@debbie.telos.com>
Reply To: N/A
UTC Datetime: 1994-06-26 23:36:02 UTC
Raw Date: Sun, 26 Jun 94 16:36:02 PDT
From: trollins@debbie.telos.com (Tom Rollins)
Date: Sun, 26 Jun 94 16:36:02 PDT
Subject: Warning about PGP
Message-ID: <9406262335.AA04103@debbie.telos.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
WARNING - WARNING - WARNING - WARNING - WARNING - WARNING
Quoting "Applied Cryptography by Bruce Schneier, Page 287-288."
> Low Exponent Attack Agenst RSA
> Another suggestion to "improve" RSA is to use low
> values for e, the public key. This makes encryption
> fast and easy to perform. Unfortunately, it is also
> insecure. Hastad demonstrated a successful attack
> against RSA with a low encryption key [417]. Another
> attack by Michael Wiener will recover e, when e is
> up to one quarter the size of n [878]. A low decryption
> key d, is just as serious a problem. Moral: Choose
> large values for e and d.
> 417. J. Hastad, "On Using RSA with Low Exponent in a Public-
> Key Network," Advances in Cryptology - CRYPTO '85
> Proceedings, Berlin: Springer-Verlag, 1986, pp403-408
> 878. M. J. Weiner, "Cryptanalysis of Short RSA Secret Exponents."
> IEEE Transactions on Information Theory, v.36, n. 3,
> May 1990, pp. 553-558.
The public domain PGP programs curriently produce short public key
exponents, (17 is a common value). It would seem that the
Governments of the world have had easy access to PGP traffic.
Tom Rollins <trollins@debbie.telos.com>
WARNING - WARNING - WARNING - WARNING - WARNING - WARNING
-----BEGIN PGP SIGNATURE-----
Version: 2.6
iQCzAgUBLg3CpGWJTLDtTMmNAQHhfQTwkalahr6xBNpeO8Yg2Ln1TkTbJ/VDccSS
4hZmqos1WEhmNuHEYTbKBZoS5wA9PHJkd26byy8JCAxoM5siiL6tNUaA4hRa+0IV
RJtIYnS5yIvGfocrBcmN+e2fJGZXyyc+h1cUzNMq/aml4CEmnaHl7PKhL69pk4jI
TfKUnah0ihgCb72Dkzqtsw6iTsJpg1rEd+TDpDPpTp3KIB0xbtk=
=e5eN
-----END PGP SIGNATURE-----
Return to June 1994
Return to “trollins@debbie.telos.com (Tom Rollins)”
1994-06-26 (Sun, 26 Jun 94 16:36:02 PDT) - Warning about PGP - trollins@debbie.telos.com (Tom Rollins)