I hear you. Let me discuss this with my colleagues, and get back to the list if they see good reasons to add this check.
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. From: Bill Cox Sent: Friday, July 31, 2015 20:09 To: openssl-dev@openssl.org Reply To: openssl-dev@openssl.org Subject: Re: [openssl-dev] common factors in (p-1) and (q-1) On Fri, Jul 31, 2015 at 4:43 PM, Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu> wrote: I think adding the recommended check would be beneficial. Considering the frequency of key generation, performance impact shouldn't matter all that much. Samuel's argument above is one I've heard before from Thomas Porin, which is why I was not recommending we do or do not do this check. I was just estimating the performance hit. I personally have not gone over the paper Samuel linked to other than to read the abstract. However, assuming the paper's claims are correct, which seems to be backed up by these two fine cryptography experts, I think the additional check would do more harm than good. Bill
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
