On Thu, 4 Aug 2011 19:23, tigresetdrag...@yahoo.fr said: > cipher/rsa.c and I found that d is evaluated to match e*d mod f = 1 , > with f = phi/gcd((p-1),(q-1)) . > Why is it coded like that ? Is it safe ?
Using the universal exponent of n (lambda, in the code denoted as f) has the advantages that d will be smaller. And thus decryption will be faster. It is more a theoretical advantages because we choose p and q at random and thus lambda won't be much smaller than phi. Yes, it is secure. IIRC, X9.31 even requires that. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users