On Thu, Jul 17, 2008 at 09:48:51AM -0500, Yuliya Shulman wrote:
> I'm not using OpenSSL to generate the list of primes. OpenSSl is using
> it in the following path:
>
> RSA_generate_key() - in rsa_depr.c
> RSA_generate_key_ex() in rsa_gen.c
> rsa_builtin_keygen() in rsa_gen.c
> BN_generate_prime_ex() in prime.c
> BN_is_prime_fasttest_ex() in bn_prime.c
>
> Algorithms of finding new primes are well-known, as is the biggest found
> prime.
The "big" known primes are very special "Mersenne" primes of the form:
2^p - 1. The biggest is (2^25,964,951)-1 (25 million bit prime). This
has no relevance to the security of primes used in RSA keys.
> Since I don't remember how big it is, I can't say whether it's
> ~512-bit or not. However, all the primes up to that one should be known,
> shouldn't they? That's what I meant.
>
No they can't possible all be "known" there are too many of them.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
