On 8/09/13 16:42 PM, Phillip Hallam-Baker wrote:
Two caveats on the commentary about a symmetric key algorithm with a
trapdoor being a public key algorithm.
1) The trapdoor need not be a good public key algorithm, it can be
flawed in ways that would make it unsuited for use as a public key
algorithm. For instance being able to compute the private key from the
public or deduce the private key from multiple messages.
2) The trapdoor need not be a perfect decrypt. A trapdoor that reduced
the search space for brute force search from 128 bits to 64 or only
worked on some messages would be enough leverage for intercept purposes
but make it useless as a public key system.
Thanks. This far better explains the conundrum. There is a big
difference between a conceptual public key algorithm, and one that is
actually good enough to compete with the ones we typically use.
The cryptography mailing list