I hope this question makes sense. But let's say I create a Certificate with MAKECERT.EXE like this:
makecert -r -sr LocalMachine -ss my -a sha256 -sky exchange -n "CN=Hello World"
Now let's say I run this on two different (Windows) machines. Statistically what are the chances the certificates on the two different machines will have the same Public Key?
If this question does not make sense, I'd appreciate an explanation as to why it doesn't.
Thanks.
makecert defaults to a 1024-bit RSA key.e=65537.1e151.1e75 mark.
4.5e741.5e752.4e753.7e755.3e759.6e75p < q) then we get:
5e150 * 1e151 ~= 5e301 different 1024-bit values of RSA n.1e150 runs.3e1505e1508e1501e1512e151At 1 million keys per second (1e6) for all ~86000 seconds per day you get 8.6e10 keys per day. To have a "millionth of a percent" chance (1/1e8) of a collision you'll need over 1e136 days of computation. That's 3e133 years. The universe, currently, is believed to be 1.4e10 years old. So, you need about 2.3e123 universes to have even that high of a chance (give or take a couple universes).
BTW, my computer can only do ~100 1024-bit keys per core-second (right around 10ms per), so I'm assuming you have about 10,000 of them chugging away at this problem.
Unless we model in CSPRNG state collision and VM rollback (to cause CSPRNG state collision), the answer is: effectively impossible.