speaking of weak primes, weak exponents?

coderman coderman at gmail.com
Sat Mar 11 00:33:28 PST 2006


Qi Cheng is not aware of any further work on "A New Class of Unsafe
Primes" - http://eprint.iacr.org/2002/109 , which was mentioned here
recently (thanks Peter).

not a big deal or something to be concerned about?  (the speed
improvement shown makes me think this should be a check performed for
all prime selection in any pubkey system, even if it is unlikely)


also curious if anyone has insight on the following as potential
pitfalls to avoid when implementing / generating RSA:

---

http://eprint.iacr.org/2006/093

"RSA and a higher degree diophantine equation ... Let $N=pq$ be an RSA
modulus where $p$, $q$ are large primes of the same bitsize. We study
the class of the public exponents $e$ for which there exist an integer
$m$ with $1\leq m\leq {\log{N}\over \log{32}}$ and small integers $u$,
$X$, $Y$ and $Z$ satisfying $$(e+u)Y^m-\psi(N)X^m=Z,$$ where
$\psi(N)=(p+1)(q-1)$. First we show that these exponents are of
improper use in RSA cryptosystems."

---

http://eprint.iacr.org/2006/092

"Cryptanalysis of RSA with constrained keys ... We show that choosing
a public key exponent $e$ for which there exist positive integers $X$,
$Y$ such that $\left\vert eY-XF(u)\right\vert$ and $Y$ are suitably
small, then the system is insecure."

---

one last related item, large qubit quantum computers:

---

http://www.mail-archive.com/cryptography@metzdowd.com/msg05835.html

bulk quantum computation
Travis H.

Here's a 1997 paper on "quantum computing in the large" that I had
been asking about:

http://www.media.mit.edu/physics/projects/spins/home.html

"Neil Gershenfeld and Isaac Chuang have developed an entirely new
approach to quantum computation that promises to solve many of these
problems. Instead of carefully isolating a small number of qubits, we
use a large thermal ensemble (such as a cup of coffee). Such a system
has ~10^23 degrees of freedom; by applying RF pulses that excite
nuclear magnetic resonances, we can create a tiny deviation from
equilibrium that acts just like a much smaller number of pure qubits."




