From: trollins@debbie.telos.com (Tom Rollins)
Date: Sun, 26 Jun 94 16:36:02 PDT
Subject: Warning about PGP
Message-ID: <9406262335.AA04103@debbie.telos.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
 
 WARNING - WARNING - WARNING - WARNING - WARNING - WARNING
 
Quoting "Applied Cryptography by Bruce Schneier, Page 287-288."
> Low Exponent Attack Agenst RSA
> Another suggestion to "improve" RSA is to use low
> values for e, the public key. This makes encryption
> fast and easy to perform. Unfortunately, it is also
> insecure. Hastad demonstrated a successful attack
> against RSA with a low encryption key [417]. Another
> attack by Michael Wiener will recover e, when e is
> up to one quarter the size of n [878]. A low decryption
> key d, is just as serious a problem. Moral: Choose
> large values for e and d.
 
> 417. J. Hastad, "On Using RSA with Low Exponent in a Public-
>      Key Network," Advances in Cryptology - CRYPTO '85
>      Proceedings, Berlin: Springer-Verlag, 1986, pp403-408
> 878. M. J. Weiner, "Cryptanalysis of Short RSA Secret Exponents."
>      IEEE Transactions on Information Theory, v.36, n. 3,
>      May 1990, pp. 553-558.
 
The public domain PGP programs curriently produce short public key
exponents, (17 is a common value). It would seem that the
Governments of the world have had easy access to PGP traffic.
 
			Tom Rollins <trollins@debbie.telos.com>
 
 WARNING - WARNING - WARNING - WARNING - WARNING - WARNING
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.6
 
iQCzAgUBLg3CpGWJTLDtTMmNAQHhfQTwkalahr6xBNpeO8Yg2Ln1TkTbJ/VDccSS
4hZmqos1WEhmNuHEYTbKBZoS5wA9PHJkd26byy8JCAxoM5siiL6tNUaA4hRa+0IV
RJtIYnS5yIvGfocrBcmN+e2fJGZXyyc+h1cUzNMq/aml4CEmnaHl7PKhL69pk4jI
TfKUnah0ihgCb72Dkzqtsw6iTsJpg1rEd+TDpDPpTp3KIB0xbtk=
=e5eN
-----END PGP SIGNATURE-----