Openssl software failure for RSA 16K modulus

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Openssl software failure for RSA 16K modulus
From: rsalz@xxxxxxxxxx (Salz, Rich)
Date: Thu, 21 Jul 2016 12:15:15 +0000
In-reply-to: <F2A95F8F-BCC8-4EC5-984F-8B77C91BBAA2@docusign.com>
References: <BN3PR07MB246737A3ABB76E4624723C9E97090@BN3PR07MB2467.namprd07.prod.outlook.com> <F2A95F8F-BCC8-4EC5-984F-8B77C91BBAA2@docusign.com>

> Largest accepted client key exchange message length seems to be set to 2048 bytes. 
> Key exchange for an RSA16k is slightly larger than that (exactly 2048 bytes of pure crypto payload, plus a few bytes of overhead).

> OpenSSL is too conservative here.

Why not use an ECC key?

We have to make trade-offs.  Who uses a 16K RSA key?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Follow-Ups:
- Openssl software failure for RSA 16K modulus
  - From: Salz, Rich

References:
- Openssl software failure for RSA 16K modulus
  - From: Gupta, Saurabh
- Openssl software failure for RSA 16K modulus
  - From: Erwann Abalea

Prev by Date: Openssl software failure for RSA 16K modulus
Next by Date: Openssl software failure for RSA 16K modulus
Previous by thread: Openssl software failure for RSA 16K modulus
Next by thread: Openssl software failure for RSA 16K modulus
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]

Powered by Linux