[cryptography] Why using asymmetric crypto like symmetric crypto isn't secure

Ralph Holz holz at net.in.tum.de
Sat Nov 3 07:50:47 EDT 2012


> In the past there have been a few proposals to use asymmetric cryptosystems,
> typically RSA, like symmetric ones by keeping the public key secret, the idea
> behind this being that if the public key isn't known then there isn't anything
> for an attacker to factor or otherwise attack.  Turns out that doing this
> isn't secure:
>   http://eprint.iacr.org/2012/588

A question: The attack seems to aim at getting n = p * q, and then
factor it. I.e. what they really show is that it is possible to derive
the public key from two plain/ciphertext pairs; alternatively a multiple
of n. In essence, there is no point in keeping the public key secret as
it can be guessed.

However, the factoring would still remain as a huge task for the
attacker, unless RSA is used at a meagre bit length, as in their example.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 551 bytes
Desc: OpenPGP digital signature
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20121103/cd3c6bb1/attachment.asc>

More information about the cryptography mailing list