On Thu, Aug 12, 2004 at 03:27:07PM -0700, Jon Callas wrote: > On 10 Aug 2004, at 5:16 AM, John Kelsey wrote: > > >So, how many people on this list have actually looked at the PGP key > >generation code in any depth? Open source makes it possible for > >people to look for security holes, but it sure doesn't guarantee that > >anyone will do so, especially anyone who's at all good at it. > > Incidentally, none of the issues that lrk brought up (RSA key being > made from an "easy to factor" composite, a symmetric key that is a weak > key, etc.) are unique to PGP.
Yep. And I know that. But as my hair turns grey, I make more simple mistakes and catch fewer of them. Looks like we are batting zero here. I have seen no responses nor received off-list e-mail from anyone admitting to examining the open source for holes. My examination of RSAREF and OpenSSL code was more toward understanding how they handled big numbers. It appears both generate prime numbers which are half the length of the required N and with both of the two most significant bits set to one. This means the ratio R=P/Q (P being the larger prime) is limited to 1<R<(4/3). The actual maximum R is less and can be determined by examining N. While this seems not very helpful, the more bits of R I know, the easier it is to factor N. Is this well known and has it been discussed here? -- [EMAIL PROTECTED] --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
