Adrian Doroiman wrote:
As you can see, parameters are given to function GenerateRandom, so that p
and q are primes satisfying the condition that p-1 and q-1 are primes with
e. This means that e will have an inverse.
Thank you Adrian,
now I could see it's done at IsAcceptable() of RSAPrimeSelector
that have e passed to
It is safe to use LCM(p-1, q-1), which is a divisor of (p-1)(q-1).
Yes, e is relatively prime to LCM and LCM divides (p-1)(q-1)
so both would result in the same private exponent.
I guess it's faster to calculate the inverse this way.
Adrian
----- Original Message -----
From: "Vadym Fedyukovych" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, July 30, 2004 11:00 AM
Subject: rsa primes and private exp generation
Hello,
I'm curious whether/how given public exponent (say, 17)
is tested to be relatively prime to p-1 and q-1
(m_p and m_q of InvertibleRSAFunction)
other than assert(m_d.IsPositive()).
Any logic implemented to chose primes that are both fit
this relatively prime check?
As I see it, private exponent might be set to 0 by
EucledianMultiplicativeInverse() and
an executable dying on assert is not the best option
I'm also curious what's the purpose of LCM while
calculating modulus to invert public exponent.
That is, why LCM(p-1, q-1) and not just (p-1)(q-1)?
Thank you,
Vadym Fedyukovych
