Selection of RSA public key index

1. What is RSA public key index?
Let's first understand the process of establishing RSA keys. As shown in the figure below:

(1) Choose two different large prime numbers p and q;
(2) Calculate the common modulus (n=pq) and Euler number (eular=(p-1)(q-1));
(3) Select public key exponent e;
(4) Calculate inverse(d);
(5) Generate public key and private key;
e in the above process is the public key exponent.
2. Selection of
public key index The public key index can be selected at will, but in order to improve the encryption speed of RSA, the three longest values ​​of public key index in actual use are 3, 17, 65537 (=2^16+1, There are only two 1s in the binary representation of 65537, so 17 multiplications are required to achieve exponential operation). PEM recommends 3. PKCS#1 recommends 3 or 65537. X.509 recommends 65537. This selection is mainly to improve the performance of encryption or signature verification, because 3, 17, or 65537 only require 2 or 17 modular multiplication operations, respectively, while a randomly selected e (assuming n is 1024-bit) requires approximately 1000 modular multiplications. Multiplication operation. This method deliberately selects the public key exponent to be smaller, and the corresponding private key exponent will be large. The purpose of this method is to save the time of public key calculations. Because public key encryption is used in normal use, most people's time needs to be saved. And very few people will use the private key to decrypt, so only a few obey the majority.
When choosing a public key index, people generally think that 3 and 17 are not as secure as 65537. However, this idea has no reasonable basis. In fact, there is no security problem when using any of these three values. The premise is to use the correct filling scheme.