Re: RSA not an easy crack

To: debian-security@lists.debian.org
Subject: Re: RSA not an easy crack
From: Hubert Chan <hackerhue@geek.com>
Date: 26 Apr 2002 20:30:48 -0400
Message-id: <[🔎] 874rhy2daf.fsf@uhoreg.ca>
In-reply-to: <[🔎] 3CC9AF57.FAB19933@siltec.lt>
References: <[🔎] 3CC91B58.F7633E3A@siltec.lt> <[🔎] 20020426104711.GA14481@netrinsics.com> <[🔎] 3CC9AF57.FAB19933@siltec.lt>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "DSC" == DSC Siltec <dscpubl@siltec.lt> writes:

DSC> Actually, the beauty of the Parker Souchacki method is that it
DSC> would allow the simultaneous solution of a system of equations that
DSC> has one functional solution.  Which means that you only need one
DSC> set of equations, and it solves for all values at once,

DSC> Which means you might have only about 40 equations to solve, and
DSC> when you add the RSA algorithm, perhaps another 10-20.  The

I think that Michael's point was that you'd need
P * 340,282,366,920,938,463,463,374,607,431,768,211,456 equations; not
10-20.

BTW, why are you discussing this on debian-security, and not with some
real mathematicians?  (Not that there aren't any real mathematicians on
this list, but d-s is populated mostly with admins.)  Someone like
Schneier would be in a much better position than pretty much anyone on
this list to tell you whether or not you're right.  Even a professor
from a local University would probably know better.

DSC> However, the double-layered encryption, which always takes a
DSC> randomly generated number as its "raw data", does sound secure,
DSC> because the RNGs are going to be practically unbreakable (we hope
DSC> -- and that can be improved with white-noise CDs recorded from your
DSC> local waterfall.).

???  According to your proposal, an attacker only needs the public key,
the plaintext, and the ciphertext, all of which are easy to obtain.  The
public key is know due to it being public.  He can generate his own
plaintext, and generate a ciphertext "by hand," so the fact that every
PGP implementation uses a double layer encryption doesn't help.

Whether or not the digital signature on this message has been forged is
up to you to guess.  ;-)

- -- 
Hubert Chan <hackerhue@geek.com> - http://www.geocities.com/hubertchan/
PGP/GnuPG key: 1024D/71FDA37F
Fingerprint: 6CC5 822D 2E55 494C 81DD  6F2C 6518 54DF 71FD A37F
Key available at wwwkeys.pgp.net.   Encrypted e-mail preferred.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8yfEjZRhU33H9o38RAvUYAKCSTa1fPORg7ebHrwU6+m38RpzCYQCgw2Mb
aQOPRN6JLnYzenpnpMlvBOI=
=aHSP
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- RSA an easy crack?
  - From: DSC Siltec <dscpubl@siltec.lt>
- Re: RSA not an easy crack
  - From: Michael Robinson <robinson@netrinsics.com>
- Re: RSA not an easy crack
  - From: DSC Siltec <dscpubl@siltec.lt>

Prev by Date: Re: A more secure form of .htaccess?
Next by Date: Re: A more secure form of .htaccess?
Previous by thread: Re: RSA not an easy crack
Next by thread: Re: RSA not an easy crack
Index(es):
- Date
- Thread