Hacker News new | past | comments | ask | show | jobs | submit login

That was explained in the audio part of the talk. :-)

Short answer: A long list of attacks in the past have been much harder with large public exponents; using 2^16+1 instead of 3 is a bit slower but is likely to make you safer if someone else gets smart in the future.




Thanks for answering my curious questions so far. =)

Since I messed up formatting earlier, my first question about generating keys with this particular exponent was hidden:

Do you know how to generate such a key pair using gpg (or another tool)? Or is this done automatically?


In OpenSSL you can pass your public exponent to RSA_generate_key. I'm not sure about gpg... it has been a while since I last generated a key.


Maybe you are looking for this article (generate RSA/RSA GPG key):

http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/


For OpenSSL command line:

  openssl genrsa -f4 2048


Thanks, OpenSSL actually uses 0x10001 by default for e. I'll use it instead of GPG from now on to generate keys.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: