Re: [openssl-dev] [openssl.org #4190] Missing Check for duplicate Prime-Value of p and q in openssl 0.9.8o

[Ann]

Felix,
the real security hole is your key length.
For a key length greater 1024 p and q should never be identical. The
chance of p being not a prime is probably greater.
In case p=q the Euler function will be p(p-1), whereas OpenSSL uses
(p-1)(q-1) , i.e. (p-1)^2. In this case RSA, i.e. c:=m^e, m:=c^d, will
not work.
/Ann.
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev