Re: Determine size of keyspace for RSA keys
From: Mike Amling (nospam_at_nospam.com)
Date: 05/20/05
- Previous message: Gregory G Rose: "Re: Block cypher mode of operation for MAC"
- In reply to: Roger Schlafly: "Re: Determine size of keyspace for RSA keys"
- Next in thread: Jean-Luc Cooke: "Re: Determine size of keyspace for RSA keys"
- Reply: Jean-Luc Cooke: "Re: Determine size of keyspace for RSA keys"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 20 May 2005 16:21:30 GMT
Roger Schlafly wrote:
> "Mike Amling" <nospam@nospam.com> wrote:
>
>> I think it would be reasonable to take the number of primes that you
>>could pick for p times the number of primes that you could pick for q.
>
> I wouldn't multiply. Just take the number of primes that you could
> pick for p.
>
> My reason is that the RSA modulus N=pq is public, so q can be
> recovered from p. Furthermore, it is insecure to use different values
> of q with the same value of p.
I agree. For the same reason that d does not contribute to the
keyspace size, q is a function of p and the public n.
But apparently the group has more than one definition in mind for
"keyspace" applied to RSA. I'm thinking that if there are 2**x possible
keys, and users always reveal y bits of information about the key
they've chosen, then the effective keyspace is x-y bits. E.g., if SSL
uses a 128-bit key and reveals 88 bits of the key, I'd say the keyspace
is 40 bits.
--Mike Amling
- Previous message: Gregory G Rose: "Re: Block cypher mode of operation for MAC"
- In reply to: Roger Schlafly: "Re: Determine size of keyspace for RSA keys"
- Next in thread: Jean-Luc Cooke: "Re: Determine size of keyspace for RSA keys"
- Reply: Jean-Luc Cooke: "Re: Determine size of keyspace for RSA keys"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
