The probable primes method sounds unsafe, but it’s the most commonly used prime-generation strategy. There is in theory a possibility that it might accidentally generate a number that isn’t prime, but the software does enough checking to make that probability vanishingly small (less than 1 in 2^80, or 1 in 10^24). So, in practice, nobody worries about it very much.

The other methods cause PuTTYgen to use numbers that it is sure are prime, because it generates the output number together with a proof of its primality. This takes more effort, but it eliminates that theoretical risk in the probabilistic method.

There is one way in which PuTTYgen’s proven primes method is not strictly better than its probable primes method. If you use PuTTYgen to generate an RSA key on a computer that is potentially susceptible to timing- or cache-based side-channel attacks, such as a shared computer, the probable primes method is designed to resist such attacks, whereas the proven primes methods are not.
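The two strategies contrasted above, as an added example that is not PuTTYgen's code and not from the original page: a Miller-Rabin probable-prime test, and a proven prime built with Pocklington's criterion so that the number comes with a certificate anyone can re-check. The function names, the 40-round default (worst-case bound 4^-40 = 2^-80) and the caller-supplied seed prime are assumptions made for illustration, and neither routine is hardened against timing or cache side channels.

```python
import secrets
from math import gcd, isqrt

def miller_rabin(n, rounds=40):
    """Probable-prime test: a composite survives one round with probability <= 1/4."""
    if n < 5 or n % 2 == 0:
        return n in (2, 3)
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)      # random witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                      # a proves n composite
    return True                               # error <= 4**-rounds

def proven_prime(seed, bits):
    """Grow a prime of >= `bits` bits from a small odd prime; return (p, cert)."""
    q, cert = seed, []
    while q.bit_length() < bits:
        while True:
            k = 1 + secrets.randbelow((q - 1) // 2)   # 2k < q keeps q*q > n
            n = 2 * k * q + 1
            a = 2 + secrets.randbelow(n - 3)
            # Pocklington: a^(n-1) = 1 and gcd(a^((n-1)/q) - 1, n) = 1, q prime
            if pow(a, n - 1, n) == 1 and gcd(pow(a, 2 * k, n) - 1, n) == 1:
                break
        cert.append((n, a))                   # one proof step per new prime
        q = n
    return q, cert

def verify_chain(seed, cert):
    """Deterministic re-check of the proof; needs no randomness."""
    if seed < 2 or any(seed % d == 0 for d in range(2, isqrt(seed) + 1)):
        return False                          # seed itself checked by trial division
    q = seed
    for n, a in cert:
        ok = (n - 1) % q == 0 and q * q > n and pow(a, n - 1, n) == 1
        if not ok or gcd(pow(a, (n - 1) // q, n) - 1, n) != 1:
            return False
        q = n
    return True
```

The certificate is what separates the two approaches: `verify_chain` accepts or rejects with certainty, while `miller_rabin` can only bound the chance of being wrong.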