Robert D. Silverman
A number of cryptographic standards currently under development place restrictions on the primes that are used in the generation of an RSA key. In particular, in section 4.1.2 of the X9.31-1997 standard for public key cryptography there are a number of recommendations regarding the generation of primes that make up and RSA modulus including that they be "strong."
In this article we will examine these criteria. The position of RSA Laboratories is that virtually all of these requirements are unnecessary. In particular, we will show that the relevance of strong primes to the security of RSA is, at best, doubtful. However, given this position, we will outline in this article a fast way of generating random strong primes that also satisfy a number of other cryptographic requirements. The method requires no more time to generate strong primes than it takes to generate random primes.
This contribution appears as an article in Cryptobytes, volume 3, number 1, page 9, and has also been found at CiteSeer.
Password Research Links
Links to papers by many authors from 1992 to the present
related to password-based public key cryptography,
zero-knowledge password proofs,
or so-called "strong password authentication".
David Jablon
This page was last modified on October 9, 2004.
IEEE Home Page
IEEE Standards
IEEE P1363