Hagai,
From my research I found that there are some known CAs that use an exponent of 3 (and some hardware implementations that use that as the default).
About your CA, if you know that all your components (browsers and/or applications) that will be involved will have a good PKCS#1 implementation, then you should be OK with an exponent of 3, or even an exponent of 1; in fact it will make your public key operations (encrypt, verify) faster. And if your components don't have PKCS#1 then you have much more to worry about even with bigger exponents.
For example, the standard OpenSSL RSA signature is RSA+PKCS#1, and I think most other standard implementations as well.
However, I did see some government documents claiming that even 65537 is not enough, and they recommend even bigger, but I think a lot of that is politics. I know that a lot of people here will disagree, but just do the research, and if you know the components involved have good PKCS#1 you should be fine with small public exponents.
Anyone that has a good reason to say this is wrong with details, I would love to hear that.
Joe Gluck
On 9/6/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote:
On Wed, Sep 06, 2006, Hagai Yaffe wrote:
>
> I have read the advisory and I am a bit puzzled regarding the "there are
> CAs using exponent 3 in wide use" comment, I have tried to check and
> could not find any CA using this exponent, all the CAs I have seen are
> using 0x10001 (CAs I have generated with OpenSSL using default values,
> worldwide trusted CAs such as VeriSign and Thawte etc.), I understand
> that specifying CAs using exponent 3 will give specific targets to
> malicious people and that is definitely not a good idea, however I would
> like to try and better understand the range of the problem, are only
> old CAs using exponent 3?
>
> Could anyone elaborate some on this?
>
I don't want to name names here but a brief study I did revealed 8 public CA
root certificates which used exponent 3.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
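
An added example, not part of the original messages and not OpenSSL's code: what the "good PKCS#1 implementation" condition in this thread amounts to is rebuilding the one valid encoded block and comparing all of it against the recovered signature block, instead of parsing the block and stopping at the hash. Assumptions: SHA-256, hypothetical function names, and a constructed demo key with exponent 3 built from two publicly known primes (unusable outside this demonstration).

```python
import hashlib
import hmac

# DER prefix of the SHA-256 DigestInfo structure (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def expected_block(message: bytes, k: int) -> bytes:
    """Build the only valid k-byte block: 00 01 FF..FF 00 DigestInfo."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for a SHA-256 DigestInfo")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def block_ok(block: bytes, message: bytes) -> bool:
    """Compare the whole recovered block; no byte is parsed around or skipped."""
    return hmac.compare_digest(block, expected_block(message, len(block)))

def strict_verify(sig: int, n: int, e: int, message: bytes) -> bool:
    """RSA public operation followed by a full-block comparison."""
    k = (n.bit_length() + 7) // 8
    if not 0 <= sig < n:
        return False
    return block_ok(pow(sig, e, n).to_bytes(k, "big"), message)

# Constructed demo key: both primes are public constants, so this key is
# insecure by design. Each is 2 mod 3, which makes e = 3 invertible.
P = 2**448 - 2**224 - 1
Q = 2**384 - 2**128 - 2**96 + 2**32 - 1
N, E = P * Q, 3
D = pow(E, -1, (P - 1) * (Q - 1))  # needs Python 3.8+

def sign(message: bytes) -> int:
    """Demo signer, present only so the verifier has valid input."""
    k = (N.bit_length() + 7) // 8
    return pow(int.from_bytes(expected_block(message, k), "big"), D, N)

def short_padding_block(message: bytes, k: int) -> bytes:
    """Constructed malformed block: padding cut short, filler after the hash."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    head = b"\x00\x01" + b"\xff" * 8 + b"\x00" + t
    return head + b"\x00" * (k - len(head))
```

A verifier that locates the hash by scanning past the padding and ignores what follows would accept the block from `short_padding_block`; the full comparison rejects it regardless of the exponent in use.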