Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [key-generation]

Key generation is the process of generating keys for cryptographic purposes.

Key generation is the process of generating keys for cryptographic purposes.

To prevent a key from being guessed, keys need to be generated randomly and contain sufficient entropy. When a “password” is used as a key, well-designed cryptosystems first run it through a function which adds a salt and compresses or expands it to the desired key length.

195 questions
57
votes
3 answers

Do these new insights into prime numbers affect encryption security?

Quanta Magazine reports: Two mathematicians have uncovered a simple, previously unnoticed property of prime numbers [...]. Prime numbers, it seems, have decided preferences about the final digits of the primes that immediately follow them. Among…
user
  • 513
  • 4
  • 7
40
votes
1 answer

What is “Fast Prime”?

In this note, the manufacturer of a RSA key generation gizmo vulnerable to the new ROCA attack (see second section) explains that it is common practice to employ acceleration algorithms in order to generate key pairs, especially if time resources…
fgrieu
  • 149,326
  • 13
  • 324
  • 622
17
votes
3 answers

Are all possible EC private keys valid?

I usually generate a key pair using OpenSSL or Bouncy Castle. I'm using curve secp256k1. The 256bit private keys look fairly random. Do all values of "private key" have a corresponding public key? If so, can the public key be found for all arbitrary…
Thomas Von Panom
  • 669
  • 1
  • 5
  • 11
16
votes
2 answers

How much can we compress RSA public keys?

To what degree can we define an RSA variant, with a security argument that it is as safe as regular RSA with a given modulus size $m$ (e.g. $m=2048$), in which the public key has a compact representation of $k\ll m$ bits? We can fix the public…
fgrieu
  • 149,326
  • 13
  • 324
  • 622
14
votes
2 answers

Should RSA primes $p$ and $q$ differ in length by "a few digits"?

When generating RSA keys in the original RSA paper it is stated: to gain additional protection against sophisticated factoring algorithms, p and q should differ in length by a few digits Why is this? How many is "a few digits"? And how important…
gtrwoot
9
votes
4 answers

Can we pick which key is private or public in asymmetric encryption? Do the keys actually encrypt and decrypt a cipher text?

Could you help me better understand how the key-pair works in Asymmetric encryption? I'm studying cryptography at the surface level first. While reading multiple texts and talking with colleagues I'm still not sure about two things. After…
Tomasz Nazarenko
  • 209
  • 2
  • 5
9
votes
2 answers

State of the art RSA key generation

I would like to know if there is an algorithm to generate a RSA key at the state of the art of the present cryptanalysis. Beside the key lenght I know there are some weakness in the choice of prime numbers that could help an attacker to factor the…
ddddavidee
  • 3,364
  • 2
  • 24
  • 34
7
votes
1 answer

Is there a correct way to generate a symmetric key?

Looking in some cryptographic algorithms, I've realized that: The way the plain text is encrypted/decrypted is always specified, but what about the key? Every paper I've seen describing the algorithm never show a way to generate a key, but show the…
Sid
  • 173
  • 1
  • 1
  • 4
7
votes
1 answer

Generating suitable prime numbers for Paillier key pair in GG18

I am working on MPCs (multi party computation) in crypto, and now I am developing a implementation of GG 18. In sign phase, algorithm needs MtA (Multiplicative to Additive) and uses a Paillier key pair for this. Paillier uses modulus $N$ ($N=p_1 *…
user109261
  • 83
  • 4
7
votes
1 answer

RSA public keys such that encryption is identity

In this question, we restrict to RSA public keys $(n,e)$ such that $n$ and $e$ are odd, $3\le e
fgrieu
  • 149,326
  • 13
  • 324
  • 622
6
votes
1 answer

Schnorr groups allowing fast modular reduction, vs GNFS

I'm looking for Schnorr groups allowing fast modular reduction. Say, using the notation in DSA, with 256-bit prime $q$ and 3072-bit prime $p$, and $p\equiv1\pmod q$. Are there standards, RFC, or other references about this? I'm considering choosing…
fgrieu
  • 149,326
  • 13
  • 324
  • 622
6
votes
1 answer

curve25519 by openSSL

How can i generate ec curve25519 keys using openSSL? When I run openssl ecparam -name curve25519 -genkey -noout -out private.ec.key I have this message unknown curve name (curve25519)
Vito Lipari
  • 161
  • 1
  • 1
  • 5
6
votes
1 answer

Is forward secrecy overhyped or necessary?

Forward Secrecy, also perfect forward secrecy, gives assurance about session keys even the private key is compromised. This is achieved by generating a random key per session without using a deterministic generation algorithm. In this answer's quote…
kelalaka
  • 49,797
  • 12
  • 123
  • 211
6
votes
1 answer

Generating a NIST P-256 private key

From the Curve25519 spec I learned that it possible to take a random 32 bytes and with a few operations make it on the curve: To generate a 32-byte Curve25519 secret key, start by generating 32 secret random bytes from a cryptographically safe…
O. Nasirov
  • 63
  • 1
  • 4
6
votes
2 answers

Why are ephemeral/session/temporary keys useful?

One reason that communication protocols use ephemeral keys is to help with implementing Perfect Forward Security. They're also used in SSL to go from using RSA to using a faster symmetric encryption. Why else are ephemeral keys used? In particular,…
theicfire
  • 161
  • 1
  • 1
  • 4
1
2 3
12 13