|
|
Re: I don't know PAIN...: msg#00251encryption.general
Jerrold Leichter <jerrold.leichter@xxxxxxxxxx> writes: > | > "Note that there is no theoretical reason that it should be > | > possible to figure out the public key given the private key, > | > either, but it so happens that it is generally possible to > | > do so" > | > > | > So what's this "generally possible" business about? > | > | Well, AFAIK its always possible, but I was hedging my bets :-) I can > | imagine a system where both public and private keys are generated from > | some other stuff which is then discarded. > That's true of RSA! The public and private keys are indistinguishable - you > have a key *pair*, and designate one of the keys as public. Computing either > key from the other is as hard as factoring the modulus. (Proof: Given both > keys in the pair, it's easy to factor.) It's worth pointing out that this isn't how RSA is used in practice, for two reasons: (1) Most everyone uses one of 3 popular RSA public exponents (3, 17, 65535) and then computes the private key from p and q. (2) PKCS-1 RSAPrivateKey structures contain the public key. -Ekr -- [Eric Rescorla ekr@xxxxxxxx] http://www.rtfm.com/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@xxxxxxxxxxxx |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before: 00251, Anne & Lynn Wheeler |
|---|---|
| Next by Date: | Re: Repudiating non-repudiation: 00251, robin benson |
| Previous by Thread: | Re: I don't know PAIN...i: 00251, Jerrold Leichter |
| Next by Thread: | Re: I don't know PAIN...: 00251, Greg Rose |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |