Hacker News new | past | comments | ask | show | jobs | submit login

That was explained in the audio part of the talk. :-)

Short answer: A long list of attacks in the past have been much harder with large public exponents; using 2^16+1 instead of 3 is a bit slower but is likely to make you safer if someone else gets smart in the future.

Thanks for answering my curious questions so far. =)

Since I messed up formatting earlier, my first question about generating keys with this particular exponent was hidden:

Do you know how to generate such a key pair using gpg (or another tool)? Or is this done automatically?

In OpenSSL you can pass your public exponent to RSA_generate_key. I'm not sure about gpg... it has been a while since I last generated a key.

Maybe you are looking for this article (generate RSA/RSA GPG key):


For OpenSSL command line:

  openssl genrsa -f4 2048

Thanks, OpenSSL actually uses 0x10001 by default for e. I'll use it instead of GPG from now on to generate keys.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact