Re: How to detect RSA keys that are weak?



On 2010-12-01, Pubkeybreaker <pubkeybreaker@xxxxxxx> wrote:
On Dec 1, 12:21?pm, Prof Craver <xcottcra...@xxxxxxxxx> wrote:
On Dec 1, 5:57?am, unruh <un...@xxxxxxxxxxxxxxxxxxxxxxx> wrote:



No, you choose the first prime randomly, the second prime using the
"fixed" procedure.

That would certainly be less obvious than your original suggestion.
Your original suggestion have every modulus starting with the same 512
bits, having the same initial 85 characters in base-64 encoding.

Define a "weak" key as one that is susceptible to a special-purpose
factoring attack.

There are many ways to deliberately construct "weak" keys.

If one is truly paranoid, one can always perform a zero-knowledge
proof that proves that the key is not susceptible to some specific
attack. I wrote a paper on this. (giving a variety of ZKP's for a
variety of attacks)

But it would only apply to that particular attack. And paranoids
would still argue that one can't trust the software that conducts the
ZKP....

Trust has to exist SOMEWHERE in order to use crypto software. And by
somewhere I mean somewhere external to one's self.

Crypto should be a field in which you minimize external trust. Since the
key is so critical to the usefullness of crypto, it should be the place
where you trust outside sources to an absolute minimum. The software
itslef you can test to see if it does what it claims to do (eg take
modular powers) Key generation you cannot.

Use your own, open source, preferably separately written, key generation
software.


.



Relevant Pages

  • Re: How to detect RSA keys that are weak?
    ... That would certainly be less obvious than your original suggestion. ... factoring attack. ... Trust has to exist SOMEWHERE in order to use crypto software. ...
    (sci.crypt)
  • Re: Digital signatures
    ... You can choose to trust whomever you wish. ... In PGP, you have ... key that's used for this encryption is generated ... to use a rubber hose attack to beat the information out of you. ...
    (Fedora)
  • Re: TippingPoint Releases Open Source Code for FirstIntrusionPrev ention Test Tool, Tomahawk
    ... testing of IDS or IPS. ... or attack an actual host which due to the nature of exploits will ... unlike a "live test" there is some trust involved that the ... For those people who don't want to trust pcaps and don't have the ...
    (Focus-IDS)
  • Re: BIND update?
    ... almost certainly place _some_ trust in the results you get back; ... and is true regardless of the "security" of the DNS. ... like the man in the middle attack ... browsers is a real solution. ...
    (FreeBSD-Security)
  • Re: Was There Ever Really a Beginning?
    ... there is no other place to go but to attack my credibility, ... his Lord. ... that during the church age people will put their trust in ... it's God. ...
    (talk.origins)