5 comments

[ 2.6 ms ] story [ 22.9 ms ] thread
Congrats on implementing Textbook RSA. Unfortunately as implemented this isn't really secure in any sense.

I'd encourage you to start reading here: http://crypto.stackexchange.com/questions/1448/definition-of...

And here is a full explanation: http://www.di.ens.fr/~pnguyen/pub_BoJoNg00.htm

agreed, this was purely experimental and intended for learning purposes, not production use. I've just added a disclaimer, thanks for providing those links, I'll definitely be going through them
I think you should put the disclaimer at the top of the github page, and clearly state that it is not secure.

The disclaimer currently is near the end of the document and says only "Purely experimental project. Designed for learning purposes not production use.".

Some people will miss that at the bottom of the page (after how to install, how to use, etc.), or might not realize that textbook RSA is insecure (https://crypto.stanford.edu/~dabo/courses/cs255_winter00/RSA...).

Yeah, don't actually use this. It's vulnerable to stuff that's been out of style for 20 years.

Strong suggestion: try https://nacl.cr.yp.to/ instead.

for sure, just added a disclaimer. worked on this merely to learn and get my hands dirty with python and building Clis