How does openssh actually choose the public exponent 'e' when generating a RSA key?

Eric

1/4/24, 10:36 AM

What I've read:

Seems in practice, will first choose an e, then choose the 2 big primes p1 and p2.

What I've learned so far:

e is usually between (2^16, 2^32), e.g 2^16 + 1 = 65537. // TODO .. not sure
e should not be too large, otherwise the public-key operation is slow.

I've also try to read openssh source code, but can't figure out it yet.

Questions

How openssh actually choose e, when creating a RSA key?
If possible, can u point out relevant file/functions in the source code.
If a software choose a fixed e (e.g 65537) instead of a random value, will that make the RSA key less secure?

1 + 0

Score:4

Crypto

yyyyyyy

1/4/24, 10:51 AM

$e=65537$.
See here and here.
No, using fixed $e$ is the industry standard, and $e=65537$ is a particularly popular choice.

+ 1

fgrieu

1/4/24, 10:58 AM

Addition: for reasons why $e=65537$ is more popular than $e=3$, see [this](https://crypto.stackexchange.com/q/8454/555). Notice that the choice of $p$ and $q$ must be compatible with $e$, if that's chosen and frozen first. The reason why sometime it's enforced $e<2^{32}$ is that's there's no much reason to increase $e$ beyond $65537$, and an historical limitation of a Windows API.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How does openssh actually choose the public exponent 'e' when generating a RSA key?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.