From: markh@wimsey.bc.ca (Mark C. Henderson)
Date: Sun, 26 Jun 94 21:43:23 PDT
To: cypherpunks@toad.com
Subject: Re: Warning about PGP - relax
Message-ID: <m0qI8Vv-0000Guc@vanbc.wimsey.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Subject: Re: Warning about PGP - relax

>  WARNING - WARNING - WARNING - WARNING - WARNING - WARNING
> > insecure. Hastad demonstrated a successful attack
> > against RSA with a low encryption key [417]. Another
> > attack by Michael Wiener will recover e, when e is
> > up to one quarter the size of n [878].

Take a look at the errata (I'm quoting from version 1.5.9).

} Page 287:  Last line:  Wiener's attack is misstated.  If d is
} less than one-quarter the length of the modulus, then the attack
} can use e and n to find d quickly.

Still, I do prefer e=65537 to e=17 (the value that PGP typically 
uses). But the situation isn't as bad as it looks from reading 
Schneier. 

Mark

-----BEGIN PGP SIGNATURE-----
Version: 2.4

iQBVAgUBLg5YfWrJdmD9QWqxAQHwGAH/b0NcQQCSO7xcsF0VufzsSG5mk0tZu1Eq
jt3Cr5gfhZsuuf2zoNEIOLVEz+Hsbgv9mBhccCNSOIgP3aowgcWoyQ==
=tavZ
-----END PGP SIGNATURE-----

-- 
Mark Henderson markh@wimsey.bc.ca - RIPEM MD5: F1F5F0C3984CBEAF3889ADAFA2437433
ViaCrypt PGP key fingerprint: 21 F6 AF 2B 6A 8A 0B E1  A1 2A 2A 06 4A D5 92 46
low security key fingerprint: EC E7 C3 A9 2C 30 25 C6  F9 E1 25 F3 F5 AF 92 E3
cryptography archive maintainer -- anon ftp to ftp.wimsey.bc.ca:/pub/crypto