Security-Alerts mailing list archive (security-alerts@yandex-team.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[security-alerts] Fwd: Re: Breaking RSA: Totient indirect factorization
Таки значит не я один :) (отлегло на сердце)
--This is a forwarded message
From: Alexander Klimov <alserkli@xxxxxxxx>
To: bugtraq@xxxxxxxxxxxxxxxxx <bugtraq@xxxxxxxxxxxxxxxxx>
Date: Thursday, November 15, 2007, 11:29:19 AM
Subject: Breaking RSA: Totient indirect factorization
===8<==============Original message text===============
On Wed, 14 Nov 2007, gandlf wrote:
> 1) m = p*q -> RSA modulus
>
> [...]
>
> Algorithm
> ---------
>
> - Repeat "a = a^n mod m" with n from 2 to m, saving all the results
> in a table until a == 1 (Statement 4).
:-)
So what is the expected running time of your algorithm? For example,
how long it will take on average to factor a 1024-bit modulus?
> Impact
> ------
>
> PKI vendors must change modulus generator algorithms to discard
> totients with lower factors.
You may be interested in ``Are 'Strong' Primes Needed for RSA?'' by
Ron Rivest and Robert Silverman.
--
Regards,
ASK
===8<===========End of original message text===========
--
~/ZARAZA
Жало мне не понадобится (С. Лем)
|
