delta/python-packages/pycrypto.git - github.com: dlitz/pycrypto.git

diff options


context:
space:
mode:

Diffstat (limited to 'pipermail/pycrypto/2011q1/000411.html')

-rw-r--r--

pipermail/pycrypto/2011q1/000411.html

101

1 files changed, 101 insertions, 0 deletions

diff --git a/pipermail/pycrypto/2011q1/000411.html b/pipermail/pycrypto/2011q1/000411.html
new file mode 100644
index 0000000..b260e0a
--- /dev/null
+++ b/pipermail/pycrypto/2011q1/000411.html

@@ -0,0 +1,101 @@

+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">

+<HTML>

+ <HEAD>

+ <TITLE> [pycrypto] Why p<q in RSA code?

+ </TITLE>

+ <LINK REL="Index" HREF="index.html" >

+ <LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20Why%20p%3Cq%20in%20RSA%20code%3F&In-Reply-To=AANLkTinfHanB%2BxGjz6BLNYMRtH-mwZH54U172RHWHsQ%2B%40mail.gmail.com">

+ <META NAME="robots" CONTENT="index,nofollow">

+ <META http-equiv="Content-Type" content="text/html; charset=us-ascii">

+ <LINK REL="Previous" HREF="000410.html">

+ <LINK REL="Next" HREF="000412.html">

+ </HEAD>

+ <BODY BGCOLOR="#ffffff">

+ <H1>[pycrypto] Why p<q in RSA code?</H1>

+ Paul Koning

+ <A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20Why%20p%3Cq%20in%20RSA%20code%3F&In-Reply-To=AANLkTinfHanB%2BxGjz6BLNYMRtH-mwZH54U172RHWHsQ%2B%40mail.gmail.com"

+ TITLE="[pycrypto] Why p<q in RSA code?">paul_koning at dell.com

+ </A>

+ Wed Jan 19 13:00:38 CST 2011

+ <UL>

+ <LI>Previous message: <A HREF="000410.html">[pycrypto] Why p<q in RSA code?

+</A></li>

+ <LI>Next message: <A HREF="000412.html">[pycrypto] Why p<q in RSA code?

+</A></li>

+ <LI> Messages sorted by:

+ <a href="date.html#411">[ date ]</a>

+ <a href="thread.html#411">[ thread ]</a>

+ <a href="subject.html#411">[ subject ]</a>

+ <a href="author.html#411">[ author ]</a>

+ </LI>

+ </UL>

+ <HR>

+

+<PRE>

+On Jan 19, 2011, at 1:29 PM, Legrandin wrote:

+>> I have noticed that - when generating an RSA key - a special check is

+>> made to ensure that p<q.

+>>

+>> That's interesting. This is what I found, which seems to suggest the exact

+>> opposite:

+>>

+>>>>

+>> To generate the primes p and q, generate a random number of [...] If p<q, swap

+>> p and q (this only matters if you intend using the CRT form of the private

+>> key) [...]

+>>>>

+>>

+>> Taken from <A HREF="http://www.di-mgt.com.au/rsa_alg.html">http://www.di-mgt.com.au/rsa_alg.html</A>

+>>

+>> That snippet suggests that p>q is desired if using the CRT form of the

+>> private key. And we seem to be doing the exact opposite, swapping p and q if

+>> p>q.

+>

+> Makes sense actually...

+>

+> The rsaDecrypt() routine in _fastmath.c (and possibly soon in

+> _slowmath.py ;-)) uses pInv = p^{-1} mod q, that is the u member in a

+> pycrypto RSA object.

+> In other words, the page you mention and pycrypto are the same if you

+> swap p and q.

+>

+> But still it does not explain *why* it must be p<q or p>q.

+

+If you do modular arithmetic mod q on p -- which is what is being done here -- you'd want to start with p having a legal value mod q. Such a value is in the range 0..q-1, so that's why you'd have the check.

+p^-1 mod q will deliver a value in that range. You could argue that it should be valid even if p is outside the range -- effectively that means you're doing (p mod q)^-1 mod q. But I would expect your typical modular arithmetic package not to go through that extra work.

+ paul

+</PRE>

+

+ <HR>

+ <UL>

+

+ <LI>Previous message: <A HREF="000410.html">[pycrypto] Why p<q in RSA code?

+</A></li>

+ <LI>Next message: <A HREF="000412.html">[pycrypto] Why p<q in RSA code?

+</A></li>

+ <LI> Messages sorted by:

+ <a href="date.html#411">[ date ]</a>

+ <a href="thread.html#411">[ thread ]</a>

+ <a href="subject.html#411">[ subject ]</a>

+ <a href="author.html#411">[ author ]</a>

+ </LI>

+ </UL>

+<hr>

+<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto

+mailing list</a>

+</body></html>