----- Original Message -----
From: "David Barrett" <[EMAIL PROTECTED]>
To: "'theory and practice of decentralized computer networks'"
<[email protected]>
Sent: Saturday, July 07, 2007 4:35 PM
Subject: [p2p-hackers] What's the risk of sharing private RSA keys?
But I'm wondering if there are additional attacks that can be waged on the
private key that go beyond brute force? Is there some trick that a hacker
could use to more easily generate the corresponding public key given the
private?
Actually there are. In fact there are a wide number of them. The one that is
most likely to be damaging to the idea you gave is that RSA with a private
key of less N^0.271 (it is believed that the attack can be extended to
N^0.5) is insecure as the private key can be found quite easily. With a very
small private key as would happen with our design this search process
becomes very efficient. However, if you meant to ask can you choose the
private key, and then generate the public key, yes that works, just make
sure you choose a large private key. For some more exotic things there was
some research out of Stanford a few years ago about generating key pairs in
some very exotic ways for security.
And yes, I am a cryptanalyst.
Joe
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
