Raw RSA binary string and public key 'detection'

Florian Weimer fw at deneb.enyo.de
Sat Nov 22 08:29:40 EST 2008

* Dirk-Willem van Gulik:

> Been looking at the Telnic (dev.telnic.org) effort.
> In essence; NAPTR dns records which contain private details such as a
> phone number. These are encrypted against the public keys of your
> friends (so if you have 20 friends and 3 phone numbers visible to all
> friends - you need 20 subdomains x 3 NAPTR entries under your
> master').
> Aside from the practicality of this - given a raw RSA encrypted block
> and a list of public keys - is there any risk that someone could
> establish which of those public keys may have been used to create that
> block ?

If the padding scheme is decent, this should not be possible without
breaking RSA.

However, the proposal limits keys to about 250*6 bits, which seems
rather restrictive for RSA keys.

I'm also concerned about reflective attacks were you ask someone who's
trusted by the data owner to decrypt the data for you, possibly in an
automated fashion.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list