[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: On shared keys
Henry Spencer <henry@spsystems.net> writes:
> > Do I even need to mention the insecurity of generating an RSA key from
> > a short secret? Worse, do I need to mention the insecurity of both
> > sides sharing a SINGLE keypair?
>
> In what way is it worse than old-style shared secrets? *That* is the
> crucial question.
It may be easier to break the RSA key if it's generated with a
'weakly-seeded' PRNG than if the 'weak seed' is used directly.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available
Follow-Ups:
References: