1. 首頁
  2. 問答
  3. RSA公開指數默認爲65537.該值應該是多少?我的選擇有什麼影響?

RSA公開指數默認爲65537.該值應該是多少?我的選擇有什麼影響?

2012-07-01 27 views
3

我正在爲可能遇到不同指數大小的軟件創建單元測試。 (see section 3.3.1 of this RFCRSA公開指數默認爲65537.該值應該是多少?我的選擇有什麼影響?

如何使用充氣城堡,或任何其他C#庫生成RSA密鑰對that doesn't have a key size of 65537.

如果答案是,我可以直接修改這個,只要我更新私鑰那麼,我應該爲公鑰和私鑰做出什麼樣的具體變化(或重新計算)呢?

下面是我使用創建的65537指數的關鍵示例代碼:

 // Create key 
     RsaKeyPairGenerator generator = new RsaKeyPairGenerator(); 
     var param = new KeyGenerationParameters(new SecureRandom(), 1024); 
     generator.Init(param); 
     AsymmetricCipherKeyPair keyPair= generator.GenerateKeyPair(); 

     // Save to export format 
     SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public); 
     byte[] ret = info.GetEncoded(); 
     string ovalue1 = Convert.ToBase64String(ret); 

     // Read from export format 
     byte[] publicKeyBytes = Convert.FromBase64String(ovalue1); 
     AsymmetricKeyParameter asymmetricKeyParameter = PublicKeyFactory.CreateKey(publicKeyBytes); 

     RsaKeyParameters rsaKeyParameters = (RsaKeyParameters)asymmetricKeyParameter; 
     RSAParameters rsaParameters = new RSAParameters(); 
     rsaParameters.Modulus = rsaKeyParameters.Modulus.ToByteArray(); 
     rsaParameters.Exponent = rsaKeyParameters.Exponent.ToByteArray(); 
     RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); 
     rsa.ImportParameters(rsaParameters);

來源

2012-07-01 LamonteCristo

+0

'KeyGenerationParameters'有一個子類'RSAKeyGenerationParameters',它可以用公共指數實例化。 –

+1

@BrettHale - 爲我解決了它!如果你想要這個答案的代表,請隨時張貼.. – LamonteCristo

回答

1

感謝@BrettHale我能解決這個問題。

這是如何在充氣城堡創建密鑰對,涉及到他的建議使用RSAKeyGenerationParameters

 // Create key 
     RsaKeyPairGenerator generator = new RsaKeyPairGenerator(); 

     /* 
     * This value should be a Fermat number. 0x10001 (F4) is current recommended value. 3 (F1) is known to be safe also. 
     * 3, 5, 17, 257, 65537, 4294967297, 18446744073709551617, 
     * 
     * Practically speaking, Windows does not tolerate public exponents which do not fit in a 32-bit unsigned integer. Using e=3 or e=65537 works "everywhere". 
     */ 
     BigInteger exponentBigInt = new BigInteger(exponent.ToString()); 

     var param = new RsaKeyGenerationParameters(
      exponentBigInt, // new BigInteger("10001", 16) publicExponent 
      new SecureRandom(), // SecureRandom.getInstance("SHA1PRNG"),//prng 
      keyStrength, //strength 
      certaninty);//certainty 
     generator.Init(param);

其他環節:包括

來源

2012-07-01 20:27:17 LamonteCristo

+0

這些建議很大程度上是由於[Coppersmith的攻擊](http://en.wikipedia.org/wiki/Coppersmith's_Attack)及其變體。 –

相關問題

 相關問題