[pycrypto] Bug in Crypto.PublicKey.RSA?

Dwayne C. Litzenberger dlitz at dlitz.net
Wed Sep 10 09:06:46 CST 2008 

On Tue, Sep 09, 2008 at 08:03:32PM -0700, Bill Broadley wrote:
>>> >>> privkeyA = RSA.generate(keysize, rpool.get_bytes)
>>> Hangs forever.... well at least 10's of minutes.
>> 
>> I filed a bug report:
>> 
>>     https://bugs.launchpad.net/pycrypto/+bug/268101
>
>Ah, do you think that is an ubuntu bug?  Or a pycrypto?  I.e. can I fix it by 
>installing pycrypto myself.  I had thought I had just misunderstood.

It's a PyCrypto bug.  As far as I know, Ubuntu hasn't made many 
modifications to PyCrypto.

>> If "only the one encrypting should ever be able to decrypt the files", 
>> then why not use symmetric encryption?  It's much faster, and probably 
>> stronger in the long run (since most people don't use 8192-bit RSA 
>> keys).
>
>Mostly for the added protection of not having your private key on the system.
>I might even backup systems that aren't even under my control.  Scenarios like 
>"Hey, user departmental user X, to back up your machine install this program, 
>and use this public key."

Ah, that makes sense.

>Oh, as to performance my symmetric vs public key encryption tests didn't 
>find much difference:
[snip]
>So I'm not too concerned about 8.5 seconds 11.5MB/sec vs 10.5MB/sec.
>
>Am I missing something?

I was referring to is that if you don't get some benefit from public-key 
crypto, then you're better off not using it, since, according to NIST, you 
need a 15360-bit RSA key (!) to get comparable security to AES-256:

     http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part1.pdf
     (Table 2 on Page 63)

(Curiously, that table lists AES-256 as having 256 "bits of security", 
which doesn't sound right to me, but even if you want 128-bit security, 
it's claimed that you need at least 3072-bit RSA keys.  The number I've 
heard elsewhere was about 6100 bits, and I've seen others recommend at 
least 8192-bit RSA keys.)

Regards,
  - Dwayne

-- 
Dwayne C. Litzenberger <dlitz at dlitz.net>
  Key-signing key   - 19E1 1FE8 B3CF F273 ED17  4A24 928C EC13 39C2 5CF7
  Annual key (2008) - 4B2A FD82 FC7D 9E38 38D9  179F 1C11 B877 E780 4B45
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.dlitz.net/pipermail/pycrypto/attachments/20080910/06f1ce1e/attachment.pgp

More information about the pycrypto mailing list