What I've read:

It seems that in practice, one will first choose an e, then choose the 2 big primes p1 and p2.

What I've learned so far:

  • e is usually between (2^16, 2^32), e.g. 2^16 + 1 = 65537. // TODO .. not sure
  • e should not be too large, otherwise the public-key operation is slow.

I've also tried to read the OpenSSH source code, but can't figure it out yet.


Questions

  1. How does OpenSSH actually choose e when creating an RSA key?
  2. If possible, can you point out the relevant files/functions in the source code?
  3. If software chooses a fixed e (e.g. 65537) instead of a random value, will that make the RSA key less secure?
Eric

1 Answer

  1. $e=65537$.
  2. See here and here.
  3. No, using fixed $e$ is the industry standard, and $e=65537$ is a particularly popular choice.
yyyyyyy
    Addition: for reasons why $e=65537$ is more popular than $e=3$, see this. Notice that the choice of $p$ and $q$ must be compatible with $e$, if that's chosen and frozen first. The reason why $e<2^{32}$ is sometimes enforced is that there's not much reason to increase $e$ beyond $65537$, and a historical limitation of a Windows API. – fgrieu Jan 04 '23 at 10:58
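
The comment's point that $p$ and $q$ must be compatible with an $e$ chosen first, shown as an added example (not part of the original posts, and not OpenSSH's or OpenSSL's code): a toy key generator that freezes $e=65537$ and rejects prime candidates with $\gcd(e, p-1) \neq 1$. All function names are hypothetical, and there is no padding, so it is for illustration only.

```python
import math
import secrets

E = 65537  # fixed public exponent, as stated in the answer

def is_probable_prime(n, rounds=40):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2  # witness a in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a proves n composite
    return True

def compatible(p, e=E):
    """e has an inverse mod p-1 only if gcd(e, p-1) == 1."""
    return math.gcd(e, p - 1) == 1

def gen_prime(bits, e=E):
    """Random prime of exactly `bits` bits that is compatible with e."""
    while True:
        # Set the two top bits (so p*q has full length) and the low bit (odd).
        c = secrets.randbits(bits) | (3 << (bits - 2)) | 1
        if compatible(c, e) and is_probable_prime(c):
            return c

def gen_rsa(bits=1024, e=E):
    """Toy RSA key generation with e frozen first; returns (n, e, d)."""
    p = gen_prime(bits // 2, e)
    q = gen_prime(bits - bits // 2, e)
    while q == p:
        q = gen_prime(bits - bits // 2, e)
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    return p * q, e, pow(e, -1, lam)  # d = e^-1 mod lcm(p-1, q-1)
```

With $e=3$ the compatibility check discards every candidate with $p \equiv 1 \pmod 3$, while with $e=65537$ it rejects only about one candidate in 65537.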