[Cfrg] Recommended Miller-Rabin iterations?

Simon Josefsson <simon@josefsson.org> Fri, 15 October 2010 09:22 UTC

Return-Path: <simon@josefsson.org>
X-Original-To: cfrg@core3.amsl.com
Delivered-To: cfrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BB3983A68E2 for <cfrg@core3.amsl.com>; Fri, 15 Oct 2010 02:22:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.662
X-Spam-Level:
X-Spam-Status: No, score=-102.662 tagged_above=-999 required=5 tests=[AWL=-0.063, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PNkzIfH2qwev for <cfrg@core3.amsl.com>; Fri, 15 Oct 2010 02:22:49 -0700 (PDT)
Received: from yxa-v.extundo.com (yxa-v.extundo.com [83.241.177.39]) by core3.amsl.com (Postfix) with ESMTP id 764D53A6832 for <cfrg@irtf.org>; Fri, 15 Oct 2010 02:22:49 -0700 (PDT)
Received: from mocca (c80-216-27-64.bredband.comhem.se [80.216.27.64]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o9F9O4ak029720 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for <cfrg@irtf.org>; Fri, 15 Oct 2010 11:24:06 +0200
X-Hashcash: 1:22:101015:cfrg@irtf.org::0+um4P1jndrZLyBx:3ZU2
From: Simon Josefsson <simon@josefsson.org>
To: cfrg@irtf.org
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
Date: Fri, 15 Oct 2010 11:24:04 +0200
Message-ID: <8762x3oll7.fsf@mocca.josefsson.org>
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Virus-Scanned: clamav-milter 0.96.3 at yxa-v
X-Virus-Status: Clean
Subject: [Cfrg] Recommended Miller-Rabin iterations?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Oct 2010 09:22:50 -0000

Are there any established recommendations on the number of MR iterations
that crypto software should perform when generating primes?  My context
is DH parameters for TLS DHE, but pointers to recommendations that apply
to RSA prime generation would be appreciated too.  RFC 5246 and RFC 3447
are rather silent on this topic, or I missed it.

/Simon