Thank you for all your answers. Very helpful. Norm
arne-5 wrote: > > > > On Tue, 16 Dec 2008, BiGNoRm6969 wrote: > >> Ok. I am a little bit confused. You are telling me that a same data >> encrypted >> with the same key can generate different results? How can the decryption >> process can succeed ?! >> >> Maybe it's my cryto knowledge that are limited, but I was sure that one >> output correspond to one input. > > Then it would be possible to guess plaintext from cryptogram. E.g. you > encrypt "OK". Attacker can also encrypt "OK" and then compare it with the > captured cryptogram. If they are same he knows that you sent "OK". > > Plain RSA works like this. Thats why padding is applied to plaintext > before it is encrypted. Padding contains random data that the attacker > cannot guess, therefore you get different cryptograms for same plaintext > and attacker cannot perform its encrypt-and-compare attack. > > The random data is removed during decryption. When you look at the > plaintext it seems that RSA encryption/decryption is deterministic, whilst > internally strong random numbers are utilized. > > Of course the ratio of random/known plaintext must be sufficiently high. > Adding just one byte of random does not help much - attacker can create > 256 cryptograms for OK and compare them all. > > regards, > Arne > >> >> I run my tests couples of time and it always gives me the same output >> result >> each times (meaning that the peuso-random generator always gives the same >> number?). >> >> You are probably right, but could you confirm me that my tests are made >> correctly (using a longer array than the size passed to the encryption >> function) ? >> >> >> >> >> >> >> Dr. Stephen Henson wrote: >>> >>> On Mon, Dec 15, 2008, BiGNoRm6969 wrote: >>> >>>> >>>> Hi, the OpenSSL documentation tells : >>>> >>>> "RSA_public_encrypt() encrypts the flen bytes at from (usually a >>>> session >>>> key) using the public key rsa and stores the ciphertext in to. to must >>>> point >>>> to RSA_size(rsa) bytes of memory. " >>>> >>>> >>>> I made a test and I saw something strange. I used theses arrays for my >>>> tests: >>>> >>>> unsigned char* test1 = new unsigned char[5]; >>>> test1[0] = 'a'; >>>> test1[1] = 'b'; >>>> test1[2] = 'c'; >>>> test1[3] = 'd'; >>>> test1[4] = 'e'; >>>> >>>> unsigned char* test2 = new unsigned char[4]; >>>> test2[0] = 'a'; >>>> test2[1] = 'b'; >>>> test2[2] = 'c'; >>>> test2[3] = 'd'; >>>> >>>> >>>> Here is my test: >>>> >>>> RSA_public_encrypt(4, test1, encryptedLine1, publicKey, >>>> RSA_PKCS1_PADDING); >>>> RSA_public_encrypt(4, test2, encryptedLine2, publicKey, >>>> RSA_PKCS1_PADDING); >>>> >>>> The two results (stored in encryptedLineX...) are not the same and I >>>> don't >>>> understand why. The first argument is not supposed to be the length >>>> (in >>>> bytes) of the data to be encrypted ? So in the two cases, the >>>> encryption >>>> is >>>> not supposed to bo on caracter 1 to 4 !? >>>> >>> >>> This is expected behaviour and is due to the nature of that padding >>> mode. >>> It >>> includes some pseudo random data which is different on each invocation. >>> So >>> even if you encrypt the same data using the same key you will get a >>> different >>> output each time. >>> >>> Steve. >>> -- >>> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage >>> OpenSSL project core developer and freelance consultant. >>> Homepage: http://www.drh-consultancy.demon.co.uk >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> User Support Mailing List openssl-users@openssl.org >>> Automated List Manager majord...@openssl.org >>> >>> >> >> -- >> View this message in context: >> http://www.nabble.com/RSA_public_encrypt%28%29-strange-result-output...-is-it-a-bug-%21--tp21022467p21032487.html >> Sent from the OpenSSL - User mailing list archive at Nabble.com. >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org >> > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > > -- View this message in context: http://www.nabble.com/RSA_public_encrypt%28%29-strange-result-output...-is-it-a-bug-%21--tp21022467p21052732.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
