[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Prime magnitude and keys...a ?

To: [email protected] (Jim choate), [email protected]
Subject: Re: Prime magnitude and keys...a ?
From: [email protected] (Mike Duvos)
Date: Fri, 17 Jun 1994 08:47:51 -0700 (PDT)
In-Reply-To: <[email protected]> from "Jim choate" at Jun 17, 94 09:51:50 am
Sender: [email protected]

Jim choate <[email protected]> writes:

 > I was wondering if anyone is aware of a function or test
 > which would allow a person to feed PGP or other RSA
 > algorithm a test key and then look at the result and
 > determine if the key was greater or lesser than the actual
 > key?

This is an approach that I haven't heard of before.  If one could
determine the numerical ordering of two different keys used to
RSA-encrypt the same piece of plaintext by examining the
ciphertext, one could easily break RSA by a binary search of the
keyspace.

Given two moduli N1 and N2, and some plaintext P, and PGP's
favorite encryption exponent, 17, you need to determine if
N1 < N2 by examining P^17 MOD N1 and P^17 MOD N2.  Although this
is only a one-bit function, it clearly depends upon P in a very
complicated way.  Since P is unknown and deliberately made random
in practical RSA implementations, I am not sure such an attack
shows much promise.  I would guess that this would be at least as
complicated as solving an RSA or discrete log problem directly.

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     [email protected]     $    via Finger.                      $

Follow-Ups:
- Re: Prime magnitude and keys...a ?
  - From: Jim choate <[email protected]>

References:
- Prime magnitude and keys...a ?
  - From: Jim choate <[email protected]>

Prev by Date: Bart Nagel in Mondo
Next by Date: Re: Bart Nagel in Mondo
Prev by thread: Re: Prime magnitude and keys...a ?
Next by thread: Re: Prime magnitude and keys...a ?
Index(es):
- Date
- Thread