Re: RSA moduli sizes
- From: pubkeybreaker <pubkeybreaker@xxxxxxx>
- Date: Fri, 27 Mar 2009 12:23:47 -0700 (PDT)
On Mar 27, 10:42�am, Paulo Marques <pmarq...@xxxxxxxxxxxx> wrote:
Stan Lee wrote:
--
Paulo Marques
Software Development Department - Grupo PIE, S.A.
Phone: +351 252 290600, Fax: +351 252 290601
Web:www.grupopie.com
Thomas Pornin wrote:
According to K. Jennings <kjenni...@xxxxxxxxxxxxxx>:
� �That's fair enough. Let me please rephrase my question: Is itMy own opinion is that if a device or function is supposed to generate
your opinion that an RSA key generation code should guarantee that, when
generating N-bit keys, the leading bit of the modulus must always be set
to 1?
an N-bit key, and returns an (N-1)-bit key, then the device or function
did not follow its specification. I asked for 1024 bits, if I get only
1023 then I feel defrauded.
� � � �--Thomas Pornin
What I don't understand is, why is a bit only considered as being a bit,
if it is set to 1?
I think you'd still be getting a 1024-bit key. It just so happens the
most significant bit is set to 0.
I think the confusion here arises from the fact that when you have a 256
bit AES key (for instance) it doesn't matter what bits are 0 or 1, as
the AES will always work, but in RSA if the key is shorter in the sense
that the most significant bits are 0, then the messages you can sign or
encrypt are also shorter, i.e., size matters ;)
AES keys are bit strings, not numbers.
.
- References:
- RSA moduli sizes
- From: K. Jennings
- Re: RSA moduli sizes
- From: pubkeybreaker
- Re: RSA moduli sizes
- From: K. Jennings
- Re: RSA moduli sizes
- From: Thomas Pornin
- Re: RSA moduli sizes
- From: Stan Lee
- Re: RSA moduli sizes
- From: Paulo Marques
- RSA moduli sizes
- Prev by Date: Re: RSA moduli sizes
- Next by Date: Re: RSA moduli sizes
- Previous by thread: Re: RSA moduli sizes
- Next by thread: Re: RSA moduli sizes
- Index(es):
Relevant Pages
|
