Michael Nelson <[email protected]> writes: >Paper by Lenstra, Hughes, Augier, Bos, Kleinjung, and Wachter finds that two >of every one thousand RSA moduli that they collected from the web offer no >security. An astonishing number of generated pairs of primes have a prime in >common.
The title of the paper "Ron was wrong, Whit is right" I think is rather misleading, since virtually all the DSA keys were PGP-generated and there was only one ECDSA key, while there were vast numbers of RSA keys from all manner of software. So what it should really say is "PGP got DSA keygen right, the sample size for ECDSA is too small to make any meaingful comment, and some RSA implementations aren't so good". Peter. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
