Re: Raw RSA binary string and public key 'detection'

2008-11-22 Thread Florian Weimer
- you need 20 subdomains x 3 NAPTR entries under your master'). Aside from the practicality of this - given a raw RSA encrypted block and a list of public keys - is there any risk that someone could establish which of those public keys may have been used to create that block? If the padding

Raw RSA binary string and public key 'detection'

2008-11-20 Thread Dirk-Willem van Gulik
x 3 NAPTR entries under your 'master'). Aside from the practicality of this - given a raw RSA encrypted block and a list of public keys - is there any risk that someone could establish which of those public keys may have been used to create that block? I.e. something which would be done

Re: Raw RSA

2006-09-11 Thread Alexander Klimov
raw RSA operations with user's private key. The goal of the attacker is to be able to sign some useful messages with the user's private key *after* the user disconnects his smart card. The attacker can encrypt a subset of numbers - those that encrypt to a B-smooth number, but for this to be useful

Re: Raw RSA

2006-09-10 Thread James A. Donald
Leichter, Jerry wrote: | It is known, that given such an oracle, the attacker can ask for | decryption of all primes less than B, and then he will be able to | sign PKCS-1 encoded messages if the representative number is B-smooth, | but is there any way to actually recover d itself? RSA is

Re: Raw RSA

2006-09-10 Thread John R. Black
I don't follow. For RSA, the only difference between encryption and decryption, and public and private key, and hence between chosen plaintext and chosen ciphertext, is the arbitrary naming of one of a pair of mutually-inverse values as the private key and the other as the public key.

Re: Raw RSA

2006-09-10 Thread Leichter, Jerry
| | It is known, that given such an oracle, the attacker can ask for | | decryption of all primes less than B, and then he will be able to | | sign PKCS-1 encoded messages if the representative number is B-smooth, | | but is there any way to actually recover d itself? | | RSA is

Re: Raw RSA

2006-09-08 Thread Leichter, Jerry
| Hi. | | If an attacker is given access to a raw RSA decryption oracle (the | oracle calculates c^d mod n for any c) is it possible to extract the | key (d)? If I hand you my public key, I have in effect handed you an oracle that will compute c^d mod n for any c. What you are asking is whether

Re: Raw RSA

2006-09-08 Thread Alexander Klimov
On Thu, 7 Sep 2006, Leichter, Jerry wrote: | If an attacker is given access to a raw RSA decryption oracle (the | oracle calculates c^d mod n for any c) is it possible to extract the | key (d)? If I hand you my public key, I have in effect handed you an oracle that will compute c^d mod n

Re: Raw RSA

2006-09-08 Thread Hal Finney
Alexander Klimov asks: If an attacker is given access to a raw RSA decryption oracle (the oracle calculates c^d mod n for any c) is it possible to extract the key (d)? This is equivalent to asking whether factoring reduces to RSA inversion. That is, given access to an RSA inversion oracle, can

Re: Raw RSA

2006-09-08 Thread Leichter, Jerry
| | If an attacker is given access to a raw RSA decryption oracle (the | | oracle calculates c^d mod n for any c) is it possible to extract the | | key (d)? | If I hand you my public key, I have in effect handed you an oracle that | will compute c^d mod n for any c. What you are asking

Raw RSA

2006-09-07 Thread Alexander Klimov
Hi. If an attacker is given access to a raw RSA decryption oracle (the oracle calculates c^d mod n for any c) is it possible to extract the key (d)? It is known, that given such an oracle, the attacker can ask for decryption of all primes less than B, and then he will be able to sign PKCS-1