[Cryptography] Very best practice for RSA key generation

Phillip Hallam-Baker phill at hallambaker.com
Tue Oct 22 20:53:25 EDT 2019

On Tue, Oct 22, 2019 at 4:03 PM Sidney Markowitz <sidney at sidney.com> wrote:

> Phillip Hallam-Baker wrote on 21/10/19 1:37 PM:
> >
> > I turned this out on Friday to further discussions:
> >
> > http://mathmesh.com/Documents/draft-hallambaker-mesh-udf.html
> >
> Have you looked at FIPS 186-4 section A.1.1 Generation and Validation of
> Probable Primes to see if any other differences between your method and
> that
> spec make a difference?

Yes, that is actually the scheme that I implemented in my code. I will
include Christian and Jonathan's point in the next iteration of the draft.

The part I am still trying to work on is exactly where the MUST/SHOULd
boundary lies. There are some requirements for P+/-1 be auxiliary primes
which I am thinking are best punted on (if people care about such things,
generate seeds until you get an acceptable result).

One thing I had not expected was that it turns out that some
implementations require p>q or q>p even though the algorithm should be
neutral on that issue.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20191022/6c41d201/attachment.htm>

More information about the cryptography mailing list