Generating Large Keys

Luna G5 can create and manipulate cryptographic keys to your specifications, within the limits of each key type. For optimum performance, however, we use default settings that assume a common range of key sizes.

For example, most of our customers are expected to use RSA 1024-bit and 2048-bit keys. RSA key generation creates intermediate numbers and tests them for primality and other characteristics, so several attempts might fail before a key is produced. The firmware and software take care of counts and retries when a keygen operation is requested. The only configurable timeout is for the driver, and it is set in the Chrystoki.conf (or chrystoki.ini) file.

Large Keys Need Longer Timeouts

The default setting, "KeypairGenTimeOut=600000", is appropriate for keys up to 2048 bits in size. Generating larger keys might take longer and time out before completion. Therefore, if you intend to create 4096-bit RSA keys (or larger), we suggest that you explicitly set "KeypairGenTimeOut=2700000" in the "Luna" section of the Chrystoki.conf or chrystoki.ini file.
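
The following pre-flight check is an added example, not part of the product or the original guide. It reads the "Luna" section of a configuration file and reports whether KeypairGenTimeOut is high enough for the RSA key size you plan to generate. It assumes the .conf file uses a "Luna = { Key = Value; }" layout and the .ini file a "[Luna]" header with Key=Value lines, and that the driver falls back to the default value when the entry is absent; the sample file contents and function names are constructed for illustration.

```python
import re

DEFAULT_TIMEOUT = 600000      # guide: appropriate for keys up to 2048 bits
LARGE_KEY_TIMEOUT = 2700000   # guide: suggested for 4096-bit RSA keys or larger

# Constructed sample contents (assumed layouts, not copied from a real install).
SAMPLE_CONF = """Other = {
   Example = 1;
}
Luna = {
   DefaultTimeOut = 500000;
   KeypairGenTimeOut = 600000;
}
"""
SAMPLE_INI = "[Luna]\nKeypairGenTimeOut=2700000\n[Other]\nExample=1\n"

def luna_settings(text):
    """Return the key/value pairs found in the "Luna" section of either layout."""
    conf = re.search(r"^\s*Luna\s*=\s*\{(.*?)\}", text, re.S | re.M)
    if conf:
        body = conf.group(1).replace(";", "\n")   # entries end with ';'
    else:
        ini = re.search(r"^\s*\[Luna\]\s*$(.*?)(?=^\s*\[|\Z)", text, re.S | re.M)
        body = ini.group(1) if ini else ""
    settings = {}
    for line in body.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip():
            settings[key.strip()] = value.strip()
    return settings

def check_keygen_timeout(text, rsa_bits):
    """Return (ok, effective_timeout, required_timeout) for an RSA key size."""
    raw = luna_settings(text).get("KeypairGenTimeOut")
    # Assumption: a missing or non-numeric entry means the default applies.
    effective = int(raw) if raw and raw.isdigit() else DEFAULT_TIMEOUT
    # The guide gives a larger value only for 4096 bits and up.
    required = LARGE_KEY_TIMEOUT if rsa_bits >= 4096 else DEFAULT_TIMEOUT
    return effective >= required, effective, required

if __name__ == "__main__":
    for name, text in (("conf", SAMPLE_CONF), ("ini", SAMPLE_INI)):
        for bits in (2048, 4096):
            ok, have, need = check_keygen_timeout(text, bits)
            state = "ok" if ok else "raise KeypairGenTimeOut"
            print(f"{name}: RSA-{bits}: have {have}, need {need}: {state}")
```

Run it against the real file before scheduling 4096-bit key generation, so that an undersized timeout is caught up front rather than as a driver timeout part-way through the operation.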