gopher://codevoid.de/1/hn/comments

        _______               __                   _______
       |   |   |.---.-..----.|  |--..-----..----. |    |  |.-----..--.--.--..-----.
       |       ||  _  ||  __||    < |  -__||   _| |       ||  -__||  |  |  ||__ --|
       |___|___||___._||____||__|__||_____||__|   |__|____||_____||________||_____|
                                                             on Gopher (inofficial)
   URI Visit Hacker News on the Web
       
       
       COMMENT PAGE FOR:
   URI   RSA and Python
       
       
        mcint wrote 3 hours 29 min ago:
        > Should you use RSA in production always make sure to use numbers
        which are at least 512 Bit / 64 Byte long.
        
        512-bit RSA has been breakable, by academics, since before this
        millennium.
        
        > RSA number | Decimal digits | Binary digits | Cash prize offered |
        Factored on | Factored by
        
        > RSA155 | 155 | 512 | US$9,383[8] | August 22, 1999 | Herman te Riele
        et al. [1] Further, according to authors of the paper factoring RSA-768
        (bit), in 2009/10
        
        > it would be prudent to phase out usage of 1024-bit RSA within the
        next three to 
        four years. (p1, 2010)
        
   URI  [1]: https://en.wikipedia.org/wiki/RSA_Factoring_Challenge
   URI  [2]: https://eprint.iacr.org/2010/006.pdf
       
        chkas wrote 4 hours 47 min ago:
        I made a similar tutorial for RSA and DH in Easylangâa learning and
        teaching programming language I developed myself. What makes things a
        bit difficult is that Easylang doesn't support big numbers.
        
   URI  [1]: https://easylang.online/apps/tut_publk.html
       
        nayuki wrote 6 hours 25 min ago:
        I have a different take on the same topic: [1] My article isn't written
        as a step-by-step tutorial and doesn't come with example numbers. But
        mine fills in certain things that xnacly doesn't cover: random prime
        generation, efficiently calculating the decryption exponent d from (n,
        e) by using a modular inverse, using modular exponentiation instead of
        power-then-modulo.
        
        By the way for Python, modular exponentiation is pow(x, y, m) (since
        3.0), and modular inverse is pow(x, -1, m) (since 3.8, Oct 2019).
        
   URI  [1]: https://www.nayuki.io/page/java-biginteger-was-made-for-rsa-cr...
   URI  [2]: https://docs.python.org/3/library/functions.html#pow
       
        dfboyd wrote 6 hours 33 min ago:
        The way the article uses RSA is no better than a simple substitution
        cipher.  Both the "l"s in "hello" are enciphered to 2575.  It's a
        newspaper cryptogram.
        
        You're supposed to concatenate all the input numbers, to create a
        message that has hundreds or thousands of digits; then RSA-encrypt that
        number.
       
          hannob wrote 5 hours 17 min ago:
          > You're supposed to concatenate all the input numbers, to create a
          message that has hundreds or thousands of digits; then RSA-encrypt
          that number.
          
          That's not how it works...
          
          In modern protocols, you don't encrypt at all with RSA. You use a key
          exchange, and if you use RSA, you only use it as a signature
          algorithm to initiate the key exchange.
          
          If you happen to want to encrypt with RSA, which you usually
          shouldn't, you first use a padding algorithm (the modern variant of
          that is called RSA-OAEP) with which you prepare and then encrypt a
          random key. That key you then use for symmetric encryption.
       
          NewsaHackO wrote 5 hours 36 min ago:
          I thought it was a padding scheme, where you use a moving mask to
          obscure the plaintext, then encrypt that. Since it's being XOR'ed,
          adjacent characters will not have the same encryption values anymore.
          Sort of like using CBC instead of ECB for block ciphers. However,
          because this article is about the maths with RSA itself, he probably
          correctly thought it was not relevant to what he was writing about
          and would just unnecessarily complicate things.
       
          pfortuny wrote 5 hours 55 min ago:
          And pad! Padding for RSA is like CDM (?) for AES.
       
        gmiller123456 wrote 6 hours 51 min ago:
        One of the bigger hurdles in implementing RSA is having an algorithm
        which can multiply the large numbers in real time. If you try a niave
        multiplication algorithm, you might find you'll never get an answer. A
        lot of hardware now comes with special instructions which implement
        efficient algorithms for doing this.
       
          MattPalmer1086 wrote 6 hours 38 min ago:
          Sure, you can't use built in multiplication, but it isn't a very big
          hurdle.  Just use repeated squares, it's fairly trivial to implement.
           I've worked on software that did this on very low power mobile
          payment devices.
       
            SkiFire13 wrote 6 hours 9 min ago:
            Repeated squares is a way to implement exponentiation, not
            multiplication.
       
              MattPalmer1086 wrote 5 hours 20 min ago:
              Oops, yes, I meant exponentiation.  Which you need (mod n) in
              RSA.
       
        ashwinnair99 wrote 6 hours 52 min ago:
        RSA is one of those algorithms where understanding it once actually
        sticks.
       
       
   DIR <- back to front page