Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] Fwd: Re: Breaking RSA: Totient indirect factorization



     :) (  )

--This is a forwarded message
From: Alexander Klimov <alserkli@xxxxxxxx>
To: bugtraq@xxxxxxxxxxxxxxxxx <bugtraq@xxxxxxxxxxxxxxxxx>
Date: Thursday, November 15, 2007, 11:29:19 AM
Subject: Breaking RSA: Totient indirect factorization

===8<==============Original message text===============
On Wed, 14 Nov 2007, gandlf wrote:
> 1) m = p*q            -> RSA modulus
>
> [...]
>
> Algorithm
> ---------
>
> - Repeat "a = a^n mod m" with n from 2 to m, saving all the results
>   in a table until a == 1 (Statement 4).

:-)

So what is the expected running time of your algorithm? For example,
how long it will take on average to factor a 1024-bit modulus?

> Impact
> ------
>
> PKI vendors must change modulus generator algorithms to discard
> totients with lower factors.

You may be interested in ``Are 'Strong' Primes Needed for RSA?'' by
Ron Rivest and Robert Silverman.

-- 
Regards,
ASK

===8<===========End of original message text===========


-- 
~/ZARAZA
    (. )



 




Copyright © Lexa Software, 1996-2009.