On Wed, 26 Mar 2003, Bear Giles wrote: > [...] While RSA itself is symmetrical, [...] In theory, yes. In practice, no: most RSA implementations use a very small public exponent e (e.g. 2^16 + 1). Let us assume you keep such a small e as a private exponent, and give me the other exponent, d, as a public exponent (and the modulus N, of course). What happens? You lose: everything I have to do is to keep checking small numbers until I find e' such that x^(e'd) = x (mod N) for an arbitrary x. Then e = e'. I known both exponents, i.e. I know both the public and the corresponding private key (and I can compute the factorization of N for extra fun). Game over. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
This archive was generated by hypermail 2b30 : Thu Mar 27 2003 - 15:42:10 PST