| |
 Search this list this category for: (Advanced)

Mailing List Archive: GnuPG: users

# Question about how RSA keys are generated in GnuPG

papillion at gmail

Apr 28, 2012, 7:08 PM

Post #1 of 3 (196 views)
 Question about how RSA keys are generated in GnuPG
Hi Everyone,

This is a stupid question I'm sure but I can't seem to find an answer
to it in the source code so I thought I'd ask here. When GnuPG is
selecting primes for RSA key generation, what parameters are set for
the primes? Is there a floor and a ceiling set for the numbers
generated? Please feel free to point me to the right place in code if
need be.

Thanks!
Anthony

--
Anthony Papillion
Software Developer and IT Consultant
Phone: (918) 533-9699

My Identica:     identi.ca/cajuntechie

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

wk at gnupg

Apr 29, 2012, 2:12 AM

Post #2 of 3 (189 views)
 Re: Question about how RSA keys are generated in GnuPG [In reply to]
On Sun, 29 Apr 2012 04:08, papillion [at] gmail said:

> This is a stupid question I'm sure but I can't seem to find an answer
> to it in the source code so I thought I'd ask here. When GnuPG is

Tou need to look into Libgcrypt. From its manual:

The generation of random prime numbers is based on the Lim and Lee
algorithm to create practically save primes.@footnote{Chae Hoon Lim
and Pil Joong Lee. A key recovery attack on discrete log-based shemes
using a prime order subgroup. In Burton S. Kaliski Jr., editor,
Advances in Cryptology: Crypto '97, pages 249­-263, Berlin /
Heidelberg / New York, 1997. Springer-Verlag. Described on page 260.}
This algorithm creates a pool of smaller primes, select a few of them
to create candidate primes of the form @math{2 * p_0 * p_1 * ... * p_n
+ 1}, tests the candidate for primality and permutates the pool until
a prime has been found. It is possible to clamp one of the small
primes to a certain size to help DSA style algorithms. Because most
of the small primes in the pool are not used for the resulting prime
number, they are saved for later use (see @code{save_pool_prime} and
@code{get_pool_prime} in @file{cipher/primegen.c}). The prime
generator optionally supports the finding of an appropriate generator.

Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

papillion at gmail

Apr 29, 2012, 4:02 AM

Post #3 of 3 (188 views)
 Re: Question about how RSA keys are generated in GnuPG [In reply to]
Thank you sir!

Anthony

--
Sent from my mobile device

On Apr 29, 2012, at 4:12 AM, Werner Koch <wk [at] gnupg> wrote:

> On Sun, 29 Apr 2012 04:08, papillion [at] gmail said:
>
>> This is a stupid question I'm sure but I can't seem to find an answer
>> to it in the source code so I thought I'd ask here. When GnuPG is
>
> Tou need to look into Libgcrypt. From its manual:
>
> The generation of random prime numbers is based on the Lim and Lee
> algorithm to create practically save primes.@footnote{Chae Hoon Lim
> and Pil Joong Lee. A key recovery attack on discrete log-based shemes
> using a prime order subgroup. In Burton S. Kaliski Jr., editor,
> Advances in Cryptology: Crypto '97, pages 249 -263, Berlin /
> Heidelberg / New York, 1997. Springer-Verlag. Described on page 260.}
> This algorithm creates a pool of smaller primes, select a few of them
> to create candidate primes of the form @math{2 * p_0 * p_1 * ... * p_n
> + 1}, tests the candidate for primality and permutates the pool until
> a prime has been found. It is possible to clamp one of the small
> primes to a certain size to help DSA style algorithms. Because most
> of the small primes in the pool are not used for the resulting prime
> number, they are saved for later use (see @code{save_pool_prime} and
> @code{get_pool_prime} in @file{cipher/primegen.c}). The prime
> generator optionally supports the finding of an appropriate generator.
>
>
> Shalom-Salam,
>
> Werner
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users