[cryptography] Why using asymmetric crypto like symmetric crypto isn't secure

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sat Nov 3 05:29:39 EDT 2012


In the past there have been a few proposals to use asymmetric cryptosystems,
typically RSA, like symmetric ones by keeping the public key secret, the idea
behind this being that if the public key isn't known then there isn't anything
for an attacker to factor or otherwise attack.  Turns out that doing this
isn't secure:

  http://eprint.iacr.org/2012/588
  
  Breaking Public Keys - How to Determine an Unknown RSA Public Modulus
  Hans-Joachim Knobloch
  
  [...] We show that if the RSA cryptosystem is used in such a symmetric
  application, it is possible to determine the public RSA modulus if the
  public exponent is known and short, such as 3 or F4=65537, and two or more
  plaintext/ciphertext (or, if RSA is used for signing, signed
  value/signature) pairs are known.

Peter.



More information about the cryptography mailing list