SSH and multi-prime RSA
yawnmoth
implementation uses them but they're defined, none-the-less, in
PKCS#1 / RFC3447.
I guess to an extent, all SSH implementations support it if you choose
not to utilize the Chinese Remainder Theorem to speed the decryption
process up and just take the d'th power of the ciphertext mod n, but
do they support all the extra parameters that the private key format
in PKCS#1 describes?
Simon Tatham
> Does puttygen support multi-prime RSA keys? I don't know if any SSH
> implementation uses them but they're defined, none-the-less, in
> PKCS#1 / RFC3447.
First I've heard of them! No, nothing in the PuTTY suite makes any
effort to support RSA keys with more than two factors. (Though
you're probably right that some parts of the code will still work,
simply by not noticing the difference.)
I'm not currently aware of any support for this case in the SSH
standards, either.
--
Simon Tatham "Selfless? I'm so selfless I
<ana...@pobox.com> don't even know who I am."
James H. Markowitz
> yawnmoth <terr...@yahoo.com> wrote:
>> Does puttygen support multi-prime RSA keys? I don't know if any SSH
>> implementation uses them but they're defined, none-the-less, in PKCS#1
>> / RFC3447.
>
> First I've heard of them! No, nothing in the PuTTY suite makes any
> effort to support RSA keys with more than two factors. (Though you're
> probably right that some parts of the code will still work, simply by
> not noticing the difference.)
I would have thought that for public key operations it makes no
difference whether the RSA modulus is the product of two or three primes,
right?
yawnmoth
Although I've not tried it, myself, you're right - it shouldn't make a
difference at all.