On Sat, Jan 28, 2017 at 4:58 PM, Frank Migge
  1. Oct 16, 2017  Infineon RSA Key Generation Issue (yubico.com) 238 points by cimnine on Oct 16, 2017 hide. For a single key pair (on average, worst case is 2x that much). I'm not the one to judge if that's cheap or expensive enough to not worry about anybody ever breaking a key. I just have to point out that this key is equivalent to a real signature.
  2. Generating a Secure Shell (SSH) Public/Private Key Pair. Several tools exist to generate SSH public/private key pairs. The following sections show how to generate an SSH key pair on UNIX, UNIX-like and Windows platforms. Generating an SSH Key Pair on UNIX and UNIX-Like Platforms Using the ssh-keygen Utility.
  3. First, there is the Endorsement Key (EK), an asymmetric Key. Each TPM owns a unique and identifiable EK. As it is unique and identifiable, we can clearly see privacy issues. So the TCG created the AIK. An AIK is another key pair generated by the TPM, which will be signed by the EK. One can create multiple AIK.
  4. Implementation of RSA Key Generation based on RNS using Verilog International Journal of Communication Network Security ISSN: 2231 – 1882, Volume-1, Issue-4, 2012 13 2.1. Sieve Function The purpose of the sieve function is to reduce the times of the primality test which is the most time-consuming part of RSA key pair generation.
  5. Jun 22, 2012 SSH keys provide a more secure way of logging into a virtual private server with SSH than using a password alone. With SSH keys, users can log into a server without a password. This tutorial explains how to generate, use, and upload an SSH Key Pair.
<[hidden email]>

Aug 02, 2014  Primary key generation in JPA. Posted on August 2, 2014 by Robert Piasecki. Generation of primary key values is a very important functionality of relational database management systems. The main idea is to let RDBMS automatically calculate and assign primary key value to the row being inserted into the database table. This not only simplifies.

wrote:
Hi Mithun,
>> I have a embedded board P1010 RDB running openssl on VXWORKS 5.4 .
>> I am generating RSA 2048 and 3072 bit key pairs.
>> I am providing entropy to openssl by using RAND_seed from a HW RNG.
>> My average generation time for RSA 2048 key pair is 2 Minutes and 3072 is 8 minutes.
 I noticed embedded board key generation times vary by OS and OpenSSL version after converting a Altera Atlas FPGA SoC HPS from original 2013 Yocto Linux to latest Ubuntu. Under the old Yocto, key generation occasionally took up to 2 minutes. Same board under Ubuntu 16.04, 2048 RSA keys take consistently 2-5 seconds, while 3072 keys need around 8-16 seconds. Even running the system single core, the numbers don't change (on a low utilized system, using OS built-in /dev/urandom).
While I am on a different CPU and OS (32bit ARM v7 900Mhz dual core, 1GB 400Mhz RAM), your e500 PowerPC can't be to far behind. Your numbers seem to be off by a magnitude. You mentioned using a external HW RNG, could that be it?

Cheers,
Frank
Wednesday, January 25, 2017 1:10 AM
I'm afraid you will have to look at the OpenSSL source code, I haven't
paid much attention to that CPU recently.
Enjoy
Jakob
Monday, January 23, 2017 4:09 PM
Hi Jakob,
Can you please give me some reference/example of bignum optimization which I can check on powerpc architectures.
Is this any specific instruction set addition? or something more generic?
Thanks & Regards

Wednesday, January 18, 2017 1:08 AM

Smpk Key Pair Generation Failed Download


I believe this is a CPU intensive operation (if VxWorks can do
this, try observing the CPU load during).
Potential improvements:
1. Check if the CPU specific bignum optimizations for your CPU
variant have been enabled via the libcrypto CPU detection code
(for example, there are optimizations for different ARM cortex
variants).
2. Faster CPU (expensive obviously).
3. Do the generation in the background before the keypair is
needed, at a time when the extra CPU load is less of a problem.
Enjoy
Jakob
Tuesday, January 17, 2017 3:44 PM
Hi
I have a embedded board P1010 RDB running openssl on VXWORKS 5.4 .
I am providing entropy to openssl by using RAND_seed from a HW RNG.
My average generation time for RSA 2048 key pair is 2 Minutes and 3072 is 8 minutes.

Mithun

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

/grand-theft-auto-5-pc-key-generator.html. Previous: The quick key manipulation interface, Up: Unattended Usage of GPG [Contents][Index]

4.5.4 Unattended key generation

The command --generate-key may be used along with the option--batch for unattended key generation. This is the mostflexible way of generating keys, but it is also the most complex one.Consider using the quick key manipulation interface described in theprevious subsection “The quick key manipulation interface”.

The parameters for the key are either read from stdin or given as afile on the command line. The format of the parameter file is asfollows:

  • Text only, line length is limited to about 1000 characters.
  • UTF-8 encoding must be used to specify non-ASCII characters.
  • Empty lines are ignored.
  • Leading and trailing white space is ignored.
  • A hash sign as the first non white space character indicates a comment line.
  • Control statements are indicated by a leading percent sign, the arguments are separated by white space from the keyword.
  • Parameters are specified by a keyword, followed by a colon. Arguments are separated by white space.
  • The first parameter must be ‘Key-Type’; control statements may be placed anywhere.
  • The order of the parameters does not matter except for ‘Key-Type’ which must be the first parameter. The parameters are only used for the generated keyblock (primary and subkeys); parameters from previous sets are not used. Some syntactically checks may be performed.
  • Key generation takes place when either the end of the parameter file is reached, the next ‘Key-Type’ parameter is encountered or at the control statement ‘%commit’ is encountered.

Control statements:

%echo text

Print text as diagnostic.

Smpk key pair generation failed to start
%dry-run

Suppress actual key generation (useful for syntax checking).

%commit

Perform the key generation. Note that an implicit commit is done atthe next Key-Type parameter.

%pubring filename

Do not write the key to the default or commandline given keyring butto filename. This must be given before the first commit to takeplace, duplicate specification of the same filename is ignored, thelast filename before a commit is used. The filename is used until anew filename is used (at commit points) and all keys are written tothat file. If a new filename is given, this file is created (andoverwrites an existing one).

Smpk Key Pair Generation Failed Windows 10

See the previous subsection “Ephemeral home directories” for a morerobust way to contain side-effects.

%secring filename

This option is a no-op for GnuPG 2.1 and later.

See the previous subsection “Ephemeral home directories”.

%ask-passphrase
%no-ask-passphrase

This option is a no-op for GnuPG 2.1 and later.

%no-protection

Using this option allows the creation of keys without any passphraseprotection. This option is mainly intended for regression tests.

%transient-key

If given the keys are created using a faster and a somewhat lesssecure random number generator. This option may be used for keyswhich are only used for a short time and do not require fullcryptographic strength. It takes only effect if used together withthe control statement ‘%no-protection’.

General Parameters:

Key-Type: algo

Starts a new parameter block by giving the type of the primarykey. The algorithm must be capable of signing. This is a requiredparameter. algo may either be an OpenPGP algorithm number or astring with the algorithm name. The special value ‘default’ maybe used for algo to create the default key type; in this case a‘Key-Usage’ shall not be given and ‘default’ also be usedfor ‘Subkey-Type’.

Key-Length: nbits

The requested length of the generated key in bits. The default isreturned by running the command ‘gpg --gpgconf-list’.

Key-Grip: hexstring

This is optional and used to generate a CSR or certificate for analready existing key. Key-Length will be ignored when given.

Key-Usage: usage-list

Space or comma delimited list of key usages. Allowed values are‘encrypt’, ‘sign’, and ‘auth’. This is used togenerate the key flags. Please make sure that the algorithm iscapable of this usage. Note that OpenPGP requires that all primarykeys are capable of certification, so no matter what usage is givenhere, the ‘cert’ flag will be on. If no ‘Key-Usage’ isspecified and the ‘Key-Type’ is not ‘default’, all allowedusages for that particular algorithm are used; if it is not given but‘default’ is used the usage will be ‘sign’.

Subkey-Type: algo

This generates a secondary key (subkey). Currently only one subkeycan be handled. See also ‘Key-Type’ above.

Subkey-Length: nbits

Length of the secondary key (subkey) in bits. The default is returnedby running the command ‘gpg --gpgconf-list’.

Subkey-Usage: usage-list

Key usage lists for a subkey; similar to ‘Key-Usage’.

Passphrase: string

If you want to specify a passphrase for the secret key, enter it here.Default is to use the Pinentry dialog to ask for a passphrase.

Name-Real: name
Name-Comment: comment
Name-Email: email

The three parts of a user name. Remember to use UTF-8 encoding here.If you don’t give any of them, no user ID is created.

Smpk Key Pair Generation Failed Update

Expire-Date: iso-date (number[d w m y])

Set the expiration date for the key (and the subkey). It may eitherbe entered in ISO date format (e.g. '20000815T145012') or as number ofdays, weeks, month or years after the creation date. The specialnotation 'seconds=N' is also allowed to specify a number of secondssince creation. Without a letter days are assumed. Note that thereis no check done on the overflow of the type used by OpenPGP fortimestamps. Thus you better make sure that the given value makesense. Although OpenPGP works with time intervals, GnuPG uses anabsolute value internally and thus the last year we can represent is2105.

Creation-Date: iso-date

Set the creation date of the key as stored in the key information andwhich is also part of the fingerprint calculation. Either a date like'1986-04-26' or a full timestamp like '19860426T042640' may be used.The time is considered to be UTC. The special notation 'seconds=N'may be used to directly specify a the number of seconds since Epoch(Unix time). If it is not given the current time is used.

Preferences: string

Set the cipher, hash, and compression preference values for this key.This expects the same type of string as the sub-command ‘setpref’in the --edit-key menu.

Revoker: algo:fpr [sensitive]

Add a designated revoker to the generated key. Algo is the public keyalgorithm of the designated revoker (i.e. RSA=1, DSA=17, etc.)fpr is the fingerprint of the designated revoker. The optional‘sensitive’ flag marks the designated revoker as sensitiveinformation. Only v4 keys may be designated revokers.

Keyserver: string

This is an optional parameter that specifies the preferred keyserverURL for the key.

Handle: string

This is an optional parameter only used with the status linesKEY_CREATED and KEY_NOT_CREATED. string may be up to 100characters and should not contain spaces. It is useful for batch keygeneration to associate a key parameter block with a status line.

Here is an example on how to create a key in an ephemeral home directory:

Smpk Key Pair Generation Failed 2

Smpk Key Pair Generation Failed

If you want to create a key with the default algorithms you would usethese parameters:

Previous: The quick key manipulation interface, Up: Unattended Usage of GPG [Contents][Index]