Re: 128bit RSA public key - time to break?

From: shane (shanehird@hotmail.com)
Date: 02/24/03 

From: shanehird@hotmail.com (shane)
Date: 23 Feb 2003 17:40:35 -0800

Rick Wash <rwash@citi.umich.edu> wrote in message news:<slrnb5hm2p.1ho.rwash@elysium.citi.umich.edu>...
> In article <3e584377$0$13177$5a62ac22@freenews.iinet.net.au>, Shane Hird wrote:
>
> > Yep.. The key will be used as an identifier as well, which has
> > already been fixed to 128 bits. For backwards compatibility it would
> > be good to use those same bits for the public key.
> >
> > I'm trying to add digital signatures to file requests in a p2p
> > application to assist in a credit system. Currently the protocol
> > uses no authentication at all, just trusts the ID that is sent to
> > it.
>
> Can you take this 128-bit identifier and feed it into a pseudo-random
> number generator to output a larger public key?
>
> Rick

Hmm, interesting idea. Though it would need to be done at the other
end too - which could be a bit CPU intensive.? Plus I worry I may
introduce a weakness unless I do a very good job with the generator...

I think the idea of using the bits as a fingerprint of the key and
sending the public key separately as suggested by Paul could do the
trick. Either way, I need to put a lot more thought into it first.

Relevant Pages

  • Re: 128bit RSA public key - time to break?
    ... For backwards compatibility it would ... > be good to use those same bits for the public key. ... Can you take this 128-bit identifier and feed it into a pseudo-random ... Rick ...
    (sci.crypt)
  • Re: 128bit RSA public key - time to break?
    ... The key will be used as an identifier as well, ... For backwards compatibility it would be good ... > to use those same bits for the public key. ... verify that it came from that ID. ...
    (sci.crypt)
  • Re: k-deterministic public-private key generation
    ... >response is properly signed by a public key that hashes to the query ... This would be fine if the keyword was generated uniformly at random from ... An attacker who ... a distribution that the pseudorandom generator is secure for). ...
    (sci.crypt)
  • Re: X509 question
    ... sha-1WithRSAEncryption (so signature algorithm identifier (in the 'child' certificate) should be sha-1WithRSAEncryption), and the actual public key is RSA and the algorithm which it is uses is RSAES-OAEP. ... RSA public key is a RSA public key. ...
    (sci.crypt)
  • Re: 128bit RSA public key - time to break?
    ... The key will be used as an identifier as well, ... For backwards compatibility it would be good to use those ... Currently the protocol uses no authentication ... >It wont be true PKI, but just enough authentication that you will know if ...
    (sci.crypt)