fermat primes and dnssec-keygen bug?

Spain, Dr. Jeffry A. spainj at countryday.net
Wed Mar 7 14:33:46 UTC 2012

> Its not about integer overflow, it's about the fact that F5 does not add to the security, but does use up a lot of CPU cycles.

I'd like to study this issue more. Would you please provide a reference that discusses your assertion that using an F5 public exponent does not add to the security of RSA encryption vs. F4 or perhaps F0.

With regard to CPU utilization, from the description of the modular exponentiation algorithm at http://en.wikipedia.org/wiki/Modular_exponentiation#Right-to-left_binary_method, it appears that the number of modular multiplications required for a modular exponentiation is the total number of bits in the exponent plus the number of one bits. This is 19 for an F4 exponent and 35 for F5. Given this, it's not obvious to me that the CPU utilization differences are significant. If you can point me to a reference that benchmarks this, that would be much appreciated.
Thanks. Jeff.

More information about the bind-users mailing list