Re: Performance of RSA key generation

---

• From: Mark Wooding <mdw@xxxxxxxxxxxxxxxx>
• Date: Tue, 27 Jan 2009 11:10:30 +0000

---

Ertugrul Söylemez <es@xxxxxxxx> writes:

When I wrote an RSA implementation, I picked p and q randomly and chose
the public exponent accordingly. That seems to work very well. I
wonder why other implementations don't do it that way.

I think that SSH at least used to do that. The downside is that the
public exponents can have higher Hamming weight, and there are security
reasons (e.g., Shoup's reduction for RSA-OAEP) for forcing e = 3.

-- [mdw]
.

---

• Follow-Ups:
  • Re: Performance of RSA key generation
    • From: Ertugrul Söylemez

• References:
  • Performance of RSA key generation
    • From: Giuliano Bertoletti
  • Re: Performance of RSA key generation
    • From: Mark Wooding
  • Re: Performance of RSA key generation
    • From: Ertugrul Söylemez

• Prev by Date: Re: Performance of RSA key generation
• Next by Date: The Simplest Overview of Recent Crypto System Claims.
• Previous by thread: Re: Performance of RSA key generation
• Next by thread: Re: Performance of RSA key generation
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Performance of RSA key generation ... Mark Wooding wrote: ... chose the public exponent accordingly. ... I wonder why other implementations don't do it that way. ... (sci.crypt) Re: Performance of RSA key generation ... chose the public exponent accordingly. ... I wonder why other implementations don't do it that way. ... at least for primes with less than ... (sci.crypt)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > sci.crypt  > 2009-01