Unformatted text preview: nt to decrypt the message with your private key. Assume you are use the a single pair of public and private key, (Kpub,Kpriv)
for both encryption/decryption and signing/verification.
Eve, the attacker, records an encrypted letter sent to you by someone else,
and ask you to sign this recorded message (and of course, return the signed
result to her). If you follow Eve’s request and sign on what Eve gives you, you
are actually decrypting your own secret letter for Eve.
=> It’s better to use different public/private key-pairs for different purposes, e.g.
one key-pair (Kpub1, Kpriv1) for letting people to send secret to you by
encrypting with Kpub1 and you can decrypt using Kpriv1; use a different pair
(Kpub2,Kpriv2) for digital-signature/verification, i.e. you use Kpriv2 to sign
outgoing messages and your intended receiptant can use Kpub2 to verify
Cube-root attack for e = 3: if m3 < n because the “mod” operation becomes null ,
i.e. m3 mod n = m3 = C and the attacker can obtain m by performing m = 3 C
With e = 3, sending exactly the same secret message to 3 or more people (using
3 or more public key) would reveal the secret message ;
3 See http://members.tripod.com/irish_ronan/rsa/attacks.html Public Key Cryptography Standard (PKCS) A llist of Standards (PKCS#1 to PKCS#15) on how to use RSA in
practice, regarding message formatting, information encoding
scheme, choice of parameters etc
Protected against the following “improper use” or attacks on RSA
including: Plaintext guessing Chosen ciphertext attack m3 < n Sending the same message to multiple people ;
This is done by pre-pending some fixed number of constant and
random bytes to the message to be encrypted/ decrypted
random Performance of RSA For hardware implementation, RSA is about 1000 times slower
than DES ; for software implementation, RSA is about 100 times
Time to do RSA decryption on a 1 MIPS VAX was around 30
seconds (VERY SLOW…) when it was invented in late 70’s
The inventors needed to wo...
View Full Document
- Fall '13
- Cryptography, Public-key cryptography