Generating RSA keys

Some C code kindly donated by Aggelos Keromitis <>

Compiling the gmp library

This is real easy to install just do:

% gzip -d gmp-1.3.2.tar.gz | tar xf
% cd gmp-1.3.2
% make

Thats it!

Compiling Aggelos rsakg.c

Copy the rsakg.c file into the gmp-1.3.2 directory.

% cd gmp-1.3.2
% cc -o rsakg rsakg.c -L./ -lgmp

Copy your rsakg binary to where ever you keep your binaries and add/or it your search path.

Using Aggelos rsakg

It now takes key sizes in bits so to generate a 512 bit key you would do:

% rsakg 512

It will generate 2 files pubkey.rsa and seckey.rsa (may take it a minute or so depending on the speed of your machine) it should say:
Got one prime.
Got second prime.
written public key to "pubkey.rsa"
written secret key to "seckey.rsa"
as it runs.

then take a look at "pubkey.rsa":

e = 7f82b84bde3432563ea37745f9a01d859e41f0fb7eb9cf781f6f204266ec55087aaaa60dc4df6e50266b1957031515a08813fa0f1ee6aa377d915e352958eb5
n = ca870534aca46382c1f41530e526af108dcd6bf3d0a3e200b51c1844e315b5a73622b6129ffd9d2e299256a33f922961a702de46c584fc141204f74d8065b8d
and the "seckey.rsa":
d = 3fd15c1ec184d27bb5e692608b2526c627f5149ad269a443ba72e39ab0fd4114dbaceee8c385e64edbfd215d45267de6a81bf0f17b55abb293617a2910b602d
n = ca870534aca46382c1f41530e526af108dcd6bf3d0a3e200b51c1844e315b5a73622b6129ffd9d2e299256a33f922961a702de46c584fc141204f74d8065b8d

The e (public key exponent) and n (RSA modulus) numbers are your public key.

And the d (secret key exponent) number is your secret key, dont show anyone your d number!

Okay to use with perl-rsa you just use the numbers like this (msg being some data file you want to encrypt we encrypt the message "squeamish ossifrage" here):

% echo squeamish ossifrage > msg
% rsa -k=[e] -n=[n] < msg > msg.rsa
Then to decrypt (to the screen):
% rsa -d -k=[d] -n=[n] < msg.rsa
Where [e] [n] and [d] are the huge numbers in seckey.rsa and pubkey.rsa with those names, ie so you can cut and paste these into your shell:


% echo squeamish ossifrage > msg
% rsa -k=7f82b84bde3432563ea37745f9a01d859e41f0fb7eb9cf781f6f204266ec55087aaaa60dc4df6e50266b1957031515a08813fa0f1ee6aa377d915e352958eb5 -n=ca870534aca46382c1f41530e526af108dcd6bf3d0a3e200b51c1844e315b5a73622b6129ffd9d2e299256a33f922961a702de46c584fc141204f74d8065b8d < msg > msg.rsa


% rsa -d -k=3fd15c1ec184d27bb5e692608b2526c627f5149ad269a443ba72e39ab0fd4114dbaceee8c385e64edbfd215d45267de6a81bf0f17b55abb293617a2910b602d -n=ca870534aca46382c1f41530e526af108dcd6bf3d0a3e200b51c1844e315b5a73622b6129ffd9d2e299256a33f922961a702de46c584fc141204f74d8065b8d < msg.rsa

Choosing small public key exponents

You may have noticed that some of the examples use a small number for the public key exponent, PGP can do this because of the way it combines RSA with IDEA but if you are interested in security you shouldn't use small public exponents with pure RSA as it weakens the security somewhat. If you want to do it anyway, just to play with the numbers, or if you know what you're doing and are combining it with something else then you can generate them like this.

Just give rsakg a second argument which is your choice of public exponent. (This is usally quite small: PGP typically chooses 17 or 19, but you could choose 3 or 5 or whatever it's still going to work)

% rsakg 512 17

Comments, html bugs to me (Adam Back) at <>