Josh Glover writes:
> 2008/5/14 Nick Murtagh <nickm at go2.ie>:
>> > FRLinux wrote:
> >> The private key is still considered as untrustworthy as stated by the
> >> advisory. That is the way i understand it.
> >
> > From what point of view? Could someone take the public cert and
> > derive the private key from it?
>> IANAM (Mathematician), but I believe that it is impossible to derive a
> private key from a public one. There is just not enough information in
> the public key. References:
>>http://en.wikipedia.org/wiki/Digital_Signature_Algorithm#Key_generation>http://en.wikipedia.org/wiki/RSA#Key_generation>http://en.wikipedia.org/wiki/Diffie-Hellman#Description
if there are only 256k private keys, and each priv key has a corresponding
public key, then you can precompute all those priv/pub key pairs and map
the public key to the private key. That's what is possible right now.
for what it's worth, on my desktop I can generate a keypair in 0.2s, so I
could precompute those keypairs in 14.5 hours. and this task is
trivially parallelizable.
--j.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
