Hi,
I know this has already been discussed here:
Supported exponents for 4096 bit RSA keys on Nitrokey Pro
but it would be very useful to know of the Nitrokey HSM2 also supports 4096 RSA keys with an exponent of 3. Also, is it possible for the key to be generated on the key with an exponent of 3?
BTW I acknowledge that there will be a degradation in the strength of the encryption with this exponent.
Regards,
Tony.
sc-hsm
February 17, 2022, 2:19pm
2
You can specify the public exponent at the APDU level in the GENERATE ASYMMETRIC KEY PAIR command:
F5 C: 00 46 01 00 - GENERATE ASYMMETRIC KEY PAIR Lc=61 Extended
0007 5F 29 01 00 42 0E 44 45 43 41 30 30 30 30 31 30 _)..B.DECA000010
0017 30 30 30 31 7F 49 13 06 0A 04 00 7F 00 07 02 02 0001.I..........
0027 02 01 02 82 01 03 02 02 10 00 5F 20 10 55 54 54 .........._ .UTT
0037 45 53 54 4B 45 59 30 31 30 30 30 30 30 ESTKEY0100000
Le=0 Extended
The public exponent is defined in Tag 82 at offset 0x002A. The middleware always sets 65537 as default.
Disclaimer: Using a public exponent other than 65537 is outside the CC-certified algorithms for the platform.
My1
April 17, 2022, 12:48am
3
I am curious, why do you want an exponent of 3?