crypto/rsa: change public exponent from 3 to 65537

Although there's still no concrete security reason not to use 3, I think Bleichenbacher has convinced me that it's a useful defense and it's what everyone else does. R=bradfitz, rsc CC=golang-dev https://golang.org/cl/5307060

crypto/rsa: change public exponent from 3 to 65537
Although there's still no concrete security reason not to use 3, I think Bleichenbacher has convinced me that it's a useful defense and it's what everyone else does. R=bradfitz, rsc CC=golang-dev https://golang.org/cl/5307060
4403e6b6 · Adam Langley · c3733b29 · 4403e6b6
Commit 4403e6b6 authored Oct 26, 2011 by Adam Langley
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 9 deletions

rsa.go src/pkg/crypto/rsa/rsa.go +1 -9

No files found.
--- a/src/pkg/crypto/rsa/rsa.go
+++ b/src/pkg/crypto/rsa/rsa.go
@@ -116,15 +116,7 @@ func GenerateKey(random io.Reader, bits int) (priv *PrivateKey, err os.Error) {
 // [2] http://www.cacr.math.uwaterloo.ca/techreports/2006/cacr2006-16.pdf
 func GenerateMultiPrimeKey(random io.Reader, nprimes int, bits int) (priv *PrivateKey, err os.Error) {
 	priv = new(PrivateKey)
-	// Smaller public exponents lead to faster public key
-	// operations. Since the exponent must be coprime to
-	// (p-1)(q-1), the smallest possible value is 3. Some have
-	// suggested that a larger exponent (often 2**16+1) be used
-	// since previous implementation bugs[1] were avoided when this
-	// was the case. However, there are no current reasons not to use
-	// small exponents.
-	// [1] http://marc.info/?l=cryptography&m=115694833312008&w=2
-	priv.E = 3
+	priv.E = 65537

 	if nprimes < 2 {
 		return nil, os.NewError("rsa.GenerateMultiPrimeKey: nprimes must be >= 2")