[cryptography] RSA question

Justin Ferguson jnferguson at gmail.com
Tue Aug 31 13:13:38 EDT 2010


> To prevent this, the message must be unguessable.  It must contain a large
> secret random number, (padding) or else must *be* a large secret random
> number.

The crux of the question is, how much does it affect things if that
secret is not so secret?

> The usual procedure is to generate a large random number, encrypt it using
> RSA, and use this secret number to symmetrically encrypt the actual message.

An attacker under control of the local machine on which encryption
occurs can simply single step through the process and retrieve all of
the secret information sans the private key.

> The answer to your question is a question:  Are you RSA encrypting a secret,
> and if you are, is the secret sufficiently random?

I'm not entirely following the question, are we referring to the
plain-text or the bytes used for padding? The plaintext is not secret,
but neither is the padding; the attacker can control, modify, observe,
et cetera the entire encryption process; which as I'm understanding in
core concept undermines the purpose of the padding?

More information about the cryptography mailing list