On Tue, Dec 07, 2004, Jesse Hammons wrote: > > > Jesse Hammons wrote: > > > >> So to clarify: If I generate a 65-bit key, will I be able to use that > >> 65-bit key to sign any 64-bit value? > > > > Yes, but > > Actually, I have found the answer to be "no" :-) > > > a 65 bit key won't be very secure AT ALL, it will be > > very easy to factor a modulus that small. > > Security is not my goal. This is more of a theoretical exercise that > happens to have a practical application for me. > > > Bottom line: asymmetrical > > (public-key) encryption has a fairly large "minimum block size" that > > actually increases as key size increases. > > Indeed. I have found experimentally that: > * The minimum signable data quantity in OpenSSL is 1 byte > * The minimum size RSA key that can be used to sign 1 byte is 89 bits > * A signature created using a 64-bit RSA key would create a number 64 > bits long, BUT: > - This is not possible to do in OpenSSL because the maximum signable > quantity for a 64 > bit RSA key is only a few bits, and OpenSSL input/output is done on > byte boundaries > > Do those number sound right? >
It depends on the padding mode. These insert/delete padding bytes depending on the mode used. If you use the no padding mode you can "sign" data equal to the modulus length but less than its magnitude. Check the manual pages (e.g. RSA_private_encrypt()) for more info. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
