[Cryptography] PGP -- Can someone help me understand something?

Jeremy Stanley fungi at yuggoth.org
Thu Aug 9 14:02:16 EDT 2018 

On 2018-08-09 06:45:50 +0000 (+0000), Matt Maxson wrote:
[...]
> I don't know enough to even start searching.
[...]

The terms you're looking for are "asymmetric encryption" and
"public-key cryptography."

> if someone has access to both a PGP encrypted email and a plain
> text version of the same email, can an attacker determine the key.
[...]

This has less to do with PGP itself, and more to do with the various
asymmetric cryptographic algorithms on which it relies. The answer
as to "what makes them hard to solve?" differs depending on which
algorithms is in use, but a good example to take is RSA. The
Wikipedia article on RSA provides a fairly straightforward
explanation:

    https://en.wikipedia.org/wiki/RSA_(cryptosystem)#Operation

Your hypothesis that this should be solvable with basic algebraic
reduction assumes there is an algebraic solution to factorization
(in the case of RSA anyway). There are plenty of equations for which
algebra or any other known techniques are simply not effective at
finding a solution. As of now at least, there is no publicly-known
method for factoring the product of large and well-chosen prime
numbers which can be accomplished in polynomial time (that is to
say, particularly faster than just trying every possible value until
one works) even with the aid of current computing technology. The
problem of recovering the private key when you only know the public
key and the plaintext message is basically the same as the problem
of recovering the plaintext message when you know only the public
key and the encrypted message.

In a more general sense, not speaking of just RSA, the algorithms
used by PGP are chosen for their lack of a known solution which can
be attempted in a useful amount of time when employing sufficiently
strong keys (where "useful" is generally defined as something less
than the eventual heat death of the Universe).
-- 
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180809/f5ae3253/attachment.sig>

More information about the cryptography mailing list