> -----Original Message----- > From: Joseph Ashwood > > Actually there are. In fact there are a wide number of them. The one that > is > most likely to be damaging to the idea you gave is that RSA with a private > key of less N^0.271 (it is believed that the attack can be extended to > N^0.5) is insecure as the private key can be found quite easily. With a > very > small private key as would happen with our design this search process > becomes very efficient. However, if you meant to ask can you choose the > private key, and then generate the public key, yes that works, just make > sure you choose a large private key. For some more exotic things there was > some research out of Stanford a few years ago about generating key pairs > in > some very exotic ways for security. > > And yes, I am a cryptanalyst. > Joe
Thanks for the insight. I don't know if I quite followed that, however. Are you saying that, yes, it's easier to guess the public key given the private, than guess the private key given the public? How much easier? Like, if it takes a million years to guess the private key given the public, will it only take a thousand years to guess the public key given the private? Or one year? Or 1 second? I'm guessing that for a 1024-bit RSA key, it should be at least 20x faster to guess the public key given the private, than the reverse. Is it more than 20x faster? -david _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
