Only against random attacks of course, if all attackers first check these keys, then removing them strengthens the algorithm against (non-random) brute-force attack. This said, the effort of explicitly avoiding these is probably wasted (unless one suspects one has a identically weak RNG).-- Viktor.I realize it's counter-intuitive, but even this is wrong. Suppose that there's an attack tool that everyone uses to attack a particular algorithm. It brute-forces passwords and follows a particular pattern. If you use an implementation that is known to not use the first 10,000 keys this algorithm tests, attackers will respond by skipping those 10,000 keys. The net result will only be a reduction in the keyspace. Even if every attacker tests a particular key first, it is a net loss in security to specifically avoid that key if you randomly chose it. Really. If you honestly and truly randomly selected the key, you should go with it. Otherwise, there's one less key for an attacker to test. DS
You are afraid of somebody DoS'ing RSA algorithm out of existense by repeating the Debian-style mistakes a couple more times?
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
