[Cryptography] Zoom publishes draft cryptographic design for end-to-end encryption

Ralf Senderek crypto at senderek.ie
Mon Jun 8 15:58:33 EDT 2020



On Mon, 8 Jun 2020, Stephan Neuhaus wrote:

> On 6/5/20 10:33 AM, Ralf Senderek wrote:
>>  Well, everything can be overdone, because forcing a 2048 bit n to be used
>>  with a 2041 bit e will give them quite a handy, small private decryption
>>  exponent d.
>
> Will it? Can I ask you to explain your reasoning?
>
> Fun,
>
> Stephan

If I'm not mistaken then phi(n) = (p-1)*(q-1) is of roughly the same size
as n.
And if e*d = 1 mod phi(n) , then you *might* find a small d if e is large.
You may as well find a large d if e is large, but any small one that fits
the bill will decrypt your ossifrage.

    --ralf

PS: doesn't convince you?


More information about the cryptography mailing list