fermat primes and dnssec-keygen bug?

Miek Gieben miek at miek.nl
Wed Mar 7 14:50:16 UTC 2012

[ Quoting <spainj at countryday.net> at 14:33 on Mar  7 in "RE: fermat primes an..." ]
> > Its not about integer overflow, it's about the fact that F5 does not add to the security, but does use up a lot of CPU cycles.
> I'd like to study this issue more. Would you please provide a reference that discusses your assertion that using an F5 public exponent does not add to the security of RSA encryption vs. F4 or perhaps F0.
> With regard to CPU utilization, from the description of the modular exponentiation algorithm at http://en.wikipedia.org/wiki/Modular_exponentiation#Right-to-left_binary_method, it appears that the number of modular multiplications required for a modular exponentiation is the total number of bits in the exponent plus the number of one bits. This is 19 for an F4 exponent and 35 for F5. Given this, it's not obvious to me that the CPU utilization differences are significant. If you can point me to a reference that benchmarks this, that would be much appreciated.

Well, go argue with Adam Langly in the bug report I submitted (and Paul quoted
in this thread).

grtz Miek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120307/1622a520/attachment.bin>

More information about the bind-users mailing list