[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fwd: Re: IKEv2 Key Size Conformance Requirements



First off, please send plaintext e-mails, folks.  I'm getting sick of seeing:

> [Charset windows-1256 unsupported, skipping...]

Anyway...

> I still haven't figured out what the big deal is. If someone wants to use a
> 1022 bit key, can't they just call it a 1024 bit key where the 2 leading
> bits are zero? Is there some RSA chip/library out there that assumes that
> the high bit is a 1? The math works either way.

Hardware people need 1024 bits, even if it's leading-0-padded.  Some (very
broken) software bignum implementations can't deal with leading zeroes.
Fortunately, it usually takes just one well-placed example and the bugs get
fixed.  Unfortunately, there's a lot of brain-damage in the world.

Dan