RSA an easy crack?

To: debian-security@lists.debian.org
Subject: RSA an easy crack?
From: DSC Siltec <dscpubl@siltec.lt>
Date: Fri, 26 Apr 2002 11:18:16 +0200
Message-id: <[🔎] 3CC91B58.F7633E3A@siltec.lt>

I hate to say this, but I think I have reason to believe that PGP
 might actually be an easy crack.  Before now, it probably was 
only easy to those with access to specially designed analog computers,
which means that it really wasn't a problem.  But there is 
now in the public domain an algorithm solution method that will
generate a fast numerical solution for most systems of differential
equations, given an initial value.

That means that a digital solution is out there, and I think that
people within the security community need to check this out before
someone outside the security community does.

Specifically, I think that if you have the public key, and the 
encrypted data, and know (or can guess) what the unencrypted data
is, then you can quickly deduce the private key.

That's bad... unless steps are taken to eliminate this hole.

 --- before I go on, for responses please cc: me at dscpubl@siltec.lt
---

Specifically, imagine a function that has a periodic nature at every
nth integer being 0, but being 1 at all other integers, and is in the
form of a broken triangular function.

__  ___  ___  ___  ___
  \/   \/   \/   \/   

Now, at one location, add in an upside down triangular function to make
the value 1 at that location.

__  ___  ________  ___  ___
  \/   \/        \/   \/ 

Also, define that the width of the triangle -- no matter what the
spacing --
is always, say +/- 0.25.

Now, define this function to be F, and define P to be the product of 
a whole bunch of functions F.  Now, define that a function F is to be
centered at any integer location where the value of the function is 1.

If you can do all that, then you can generate a function that will drop
out all the primes and only primes.  That is, the value of the function
will be 1 whereever there is a prime, and zero everywhere else.

Now go research the Parker-Souchacki solution to the Picard iteration. 
It's actually a very simple, fast algorithm that will generate bits in
linear time for any or most systems of equations or differential
equations.  (Developed by Ed Parker and Jim Souchacki of James Madison
University in Harrisonburg, VA USA... some info available on the web,
enough to learn their method.)

I am pretty sure that their method can be used in this way to generate
primes.  More than that, if you link the primes algorithm to the known
input data and the known output data and the public key, then
concievably you could have an algorithm that simply drops the digits of
the private key out one by one in almost no time.

--> Proposed solution:  It may be necessary to shift to white-noise
encryption for truly secure documents such as financial transactions. 
There are combinations of white-noise + PGP that may offer moderate
security for "mostly secure" documents.  More than that, our attitudes
about the security of RSA and PGP may need to change.

  - Mike


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: RSA not an easy crack
  - From: Michael Robinson <robinson@netrinsics.com>
- Re: RSA not an easy crack
  - From: Michael Robinson <robinson@netrinsics.com>

Prev by Date: Re: how to unsubscribe.
Next by Date: Re: disable RPC
Previous by thread: Re: how to unsubscribe.
Next by thread: Re: RSA not an easy crack
Index(es):
- Date
- Thread