RSA question
Alexander Klimov
alserkli at inbox.ru
Tue Aug 31 11:05:42 EDT 2010
On Tue, 31 Aug 2010, Justin Ferguson wrote:
> I'm not really much of a crypto guy so when the details come up it's
> often kind of hard for me to entirely wrap my head around. That said,
> I'm currently dealing with a situation where the public key,
> plain-text and cipher-text are all known to an attacker; furthermore,
> the random oracles/et cetera employed during the OEAP scheme are also
> known to the attacker. Furthermore, the attacker can modify those
> values (id est random oracle values of zero, or whatever the attacker
> wants) and repeat the plain-text to cipher-text process as they see
> fit. Furthermore, the key length exceeds the length of the message.
> Basically, only the private key is not under the attackers control.
>
> From that, what I am getting is that this is virtually the same as RSA
> without the padding scheme and should be vulnerable due to it being a
> deterministic algorithm; however my question is how much does it
> really reduce the complexity? Is an attack against this even feasible
> in any practical terms?
What is the goal of an attacker?
Since he knows plain-text, it is definitely not plain-text; on the
other hand, no operations with the public key can help the attacker to
get the private key, whether he does these operations himself or
observes somebody else doing them.
--
Regards,
ASK
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list