2

I am trying to implement the RSA cryptography algorithm using C language. I am not sure of the size that each operand should have. Let me explain:

RSA requires to generate two huge prime numbers p and q, and compute their product n = pq. Let's suppose that we want to use a key size = 2048 bits.

So we generate two 2048-bits prime numbers. Hence their product is 4096 bits-wide. But as we said, our key size is 2048 bits ! So should we use only the low-part of this product i.e the 2048 less significant bits of n ?

Or should we limit the range of p and q to 1024 bits i.e half of the key size ?

I don't know what is the impact of these two options on the safety of the system.

1 Answers1

1

Yes, you need two primes of half the key size, since multiplication of two $$-bit integers are $2$-bit.

It is possible to use more primes for multi-prime RSA, in which case the cumulative prime sizes make up the key size. This can speed up the algorithm in case the Chinese Remainder Theorem (CRT) is used and it will speed up the generation of the primes as well.

A number that is $p \cdot q \bmod 2^{2048}$ cannot guarantee to produce two large primes and therefore it may be easily factored, so it will break the standard assumptions of the RSA problem. As the security of RSA relies on the problem it cannot rely on the RSA problem and is not likely to be secure - if the inversion with the other key works at all.

kelalaka
  • 49,797
  • 12
  • 123
  • 211
Maarten Bodewes
  • 96,351
  • 14
  • 169
  • 323