lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 15 Nov 2007 10:29:19 +0200 (IST)
From: Alexander Klimov <alserkli@...ox.ru>
To: bugtraq@...urityfocus.com
Subject: Re: Breaking RSA: Totient indirect factorization

On Wed, 14 Nov 2007, gandlf wrote:
> 1) m = p*q            -> RSA modulus
>
> [...]
>
> Algorithm
> ---------
>
> - Repeat "a = a^n mod m" with n from 2 to m, saving all the results
>   in a table until a == 1 (Statement 4).

:-)

So what is the expected running time of your algorithm? For example,
how long it will take on average to factor a 1024-bit modulus?

> Impact
> ------
>
> PKI vendors must change modulus generator algorithms to discard
> totients with lower factors.

You may be interested in ``Are 'Strong' Primes Needed for RSA?'' by
Ron Rivest and Robert Silverman.

-- 
Regards,
ASK

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ