[p2p-hackers] What's the risk of sharing private RSA keys?
ashwood at msn.com
Sat Jul 7 21:18:40 EDT 2007
----- Original Message -----
From: "David Barrett" <dbarrett at quinthar.com>
To: "'theory and practice of decentralized computer networks'"
<p2p-hackers at lists.zooko.com>
Sent: Saturday, July 07, 2007 4:35 PM
Subject: [p2p-hackers] What's the risk of sharing private RSA keys?
> But I'm wondering if there are additional attacks that can be waged on the
> private key that go beyond brute force? Is there some trick that a hacker
> could use to more easily generate the corresponding public key given the
Actually there are. In fact there are a wide number of them. The one that is
most likely to be damaging to the idea you gave is that RSA with a private
key of less N^0.271 (it is believed that the attack can be extended to
N^0.5) is insecure as the private key can be found quite easily. With a very
small private key as would happen with our design this search process
becomes very efficient. However, if you meant to ask can you choose the
private key, and then generate the public key, yes that works, just make
sure you choose a large private key. For some more exotic things there was
some research out of Stanford a few years ago about generating key pairs in
some very exotic ways for security.
And yes, I am a cryptanalyst.
More information about the p2p-hackers