On Wed, Aug 17, 2005, Tan Eng Ten wrote: > Hi all, > > This is a general crypto question and I hope someone could help me > out. > > Often we use RSA of 512, 1024, 2048, 4096, etc. bit lengths. Are > other sizes such as 520/1045 bit "valid"? Mathematically, it should > work, > but are there reasons why odd sizes are not to be used?
One reason is interoperability. Some software (notably MS stuff based on CryptoAPI including MSIE) places restrictions on the key sizes and parameters. For public keys the only restriction is that the public exponent (e) can't exceeed 32 bits. For private keys the key size must be also be a multiple of 64 bits and every CRT parmeter must be either the key size of half the key size, this means that the two primes p and q must have the ame size for example. The main reason for this is that the internal format (PRIVATEKEYBLOB) has problems representing parameters which don't fit these criteria. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
