-----BEGIN PGP SIGNED MESSAGE----- WARNING - WARNING - WARNING - WARNING - WARNING - WARNING Quoting "Applied Cryptography by Bruce Schneier, Page 287-288."
Low Exponent Attack Agenst RSA Another suggestion to "improve" RSA is to use low values for e, the public key. This makes encryption fast and easy to perform. Unfortunately, it is also insecure. Hastad demonstrated a successful attack against RSA with a low encryption key [417]. Another attack by Michael Wiener will recover e, when e is up to one quarter the size of n [878]. A low decryption key d, is just as serious a problem. Moral: Choose large values for e and d.
417. J. Hastad, "On Using RSA with Low Exponent in a Public- Key Network," Advances in Cryptology - CRYPTO '85 Proceedings, Berlin: Springer-Verlag, 1986, pp403-408 878. M. J. Weiner, "Cryptanalysis of Short RSA Secret Exponents." IEEE Transactions on Information Theory, v.36, n. 3, May 1990, pp. 553-558.
The public domain PGP programs curriently produce short public key exponents, (17 is a common value). It would seem that the Governments of the world have had easy access to PGP traffic. Tom Rollins <trollins@debbie.telos.com> WARNING - WARNING - WARNING - WARNING - WARNING - WARNING -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCzAgUBLg3CpGWJTLDtTMmNAQHhfQTwkalahr6xBNpeO8Yg2Ln1TkTbJ/VDccSS 4hZmqos1WEhmNuHEYTbKBZoS5wA9PHJkd26byy8JCAxoM5siiL6tNUaA4hRa+0IV RJtIYnS5yIvGfocrBcmN+e2fJGZXyyc+h1cUzNMq/aml4CEmnaHl7PKhL69pk4jI TfKUnah0ihgCb72Dkzqtsw6iTsJpg1rEd+TDpDPpTp3KIB0xbtk= =e5eN -----END PGP SIGNATURE-----