Re: Problems With Public Key Cryptosystems

From: Douglas A. Gwyn (DAGwyn_at_null.net)
Date: 07/14/04 

Date: Wed, 14 Jul 2004 18:13:24 GMT

David Wagner wrote:
> Actually, the number of conditions is shrinking. The bit about safe
> primes, small divisors of p-1, etc., is now considered irrelevant; they
> seem to have been an artifact of the old factoring algorithms. Today's
> best factoring algorithms don't care whether p-1 has small factors, so
> the advice today is just to generate a pair of primes uniformly at
> random without worrying about special conditions.

I think that is an accurate description, but it's puzzling.
If method X was viable under some condition a few years ago
then even though method Z has supplanted it in the general
case method X would be even more viable under the *same*
condition today.. So if the restrictions were ever sane,
they should still be.

Relevant Pages

  • Re: Problems With Public Key Cryptosystems
    ... the number of conditions is shrinking. ... The bit about safe ... > seem to have been an artifact of the old factoring algorithms. ...
    (sci.math)
  • Re: Problems With Public Key Cryptosystems
    ... Of the form that p-1 should not have certain ... >small prime divisors. ... >couldn't be sure that what seems safe today will be so tomorrow. ... seem to have been an artifact of the old factoring algorithms. ...
    (sci.crypt)
  • Re: Problems With Public Key Cryptosystems
    ... Of the form that p-1 should not have certain ... >small prime divisors. ... >couldn't be sure that what seems safe today will be so tomorrow. ... seem to have been an artifact of the old factoring algorithms. ...
    (sci.math)