Hosting Provided By

Re: PGP scripting...

From: Pavel Kankovsky <peak(at)argo.troja.mff.cuni.cz>
Date: Thu Mar 27 2003 - 15:27:35 EST

On Wed, 26 Mar 2003, Bear Giles wrote:

> [...] While RSA itself is symmetrical, [...]

In theory, yes. In practice, no: most RSA implementations use a very small public exponent e (e.g. 2^16 + 1). Let us assume you keep such a small e as a private exponent, and give me the other exponent, d, as a public exponent (and the modulus N, of course). What happens? You lose: everything I have to do is to keep checking small numbers until I find e' such that x^(e'd) = x (mod N) for an arbitrary x. Then e = e'. I known both exponents, i.e. I know both the public and the corresponding private key (and I can compute the factorization of N for extra fun). Game over.

--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation." Received on Thu Mar 27 18:42:32 2003

This message: [ Message body ]
Next message: David Wheeler: "Secure Programming Presentation, April 3, Baltimore, MD"
In reply to Bear Giles: "Re: PGP scripting..."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:46 EDT