-----BEGIN PGP SIGNED MESSAGE----- Subject: Re: Warning about PGP - relax

WARNING - WARNING - WARNING - WARNING - WARNING - WARNING

...

insecure. Hastad demonstrated a successful attack against RSA with a low encryption key [417]. Another attack by Michael Wiener will recover e, when e is up to one quarter the size of n [878].

Take a look at the errata (I'm quoting from version 1.5.9). } Page 287: Last line: Wiener's attack is misstated. If d is } less than one-quarter the length of the modulus, then the attack } can use e and n to find d quickly. Still, I do prefer e=65537 to e=17 (the value that PGP typically uses). But the situation isn't as bad as it looks from reading Schneier. Mark -----BEGIN PGP SIGNATURE----- Version: 2.4 iQBVAgUBLg5YfWrJdmD9QWqxAQHwGAH/b0NcQQCSO7xcsF0VufzsSG5mk0tZu1Eq jt3Cr5gfhZsuuf2zoNEIOLVEz+Hsbgv9mBhccCNSOIgP3aowgcWoyQ== =tavZ -----END PGP SIGNATURE----- -- Mark Henderson markh@wimsey.bc.ca - RIPEM MD5: F1F5F0C3984CBEAF3889ADAFA2437433 ViaCrypt PGP key fingerprint: 21 F6 AF 2B 6A 8A 0B E1 A1 2A 2A 06 4A D5 92 46 low security key fingerprint: EC E7 C3 A9 2C 30 25 C6 F9 E1 25 F3 F5 AF 92 E3 cryptography archive maintainer -- anon ftp to ftp.wimsey.bc.ca:/pub/crypto