On 5/21/2015 at 3:45 PM, "Werner Koch" <[email protected]> wrote:
>Some guy >downloaded most RSA keys from a keyserver and tried to factor 1.9 >million moduli. They found 30 keys with a subkey having one of the >first 1000 primes as a factor. > I looked at 8 of those keys and > found that 2 are likely PGP created and 6 are by GPG. ===== When GnuPG creates and RSA keypair, is there a minimum *low* for primes it will ignore? (i.e. Will GnuPG reject a prime for key generation if it is one of the first 1000 primes, or first million primes, or any fixed lower level?) And if so, Is it feasible to mount an attack on a keypair by starting with trying successive primes greater than this lower bound, and possibly successfully find *some* GnuPG secret keys? TIA, vedaal _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
