90.2K

Verified Solution

Link Copied!

Attacks on RSA Encryption

3. Here is the idea behind a different kind of attack on RSA. Suppose the modulus being used for encryption is n, and the plaintext message, represented as a number m, has k digits, where k is small, say less than 18. (RSA is frequently used just to transmit a key for another cryptosystem that then will be used for longer me sages.) You intercept the ciphertext, a number we'll denote by c. You also have the public RSA encryption key (n, e), but not the decryption exponent d, and not the factorization of n. a. Suppose you have a computer tabulate all the values cr( mod n) as I varies from 1 to 109. Call this Table A. Then you have the computer tabulate the values of ye( mod n) as y varies from 1 to 109. Call this Table B. As you compute the entries of Table B, you have a computer compare each of them to the entries of Table A, stopping if a match is found. In the worst case, how many steps (arithmetic or comparison) did the computer do? Is this reasonable with today's technology? b. Suppose you find a match, i.e., some number, say in row x, from Table A, is equal to some number, say in row y, from Table B. What is the relationship between r and y? (We are looking for, e.g., a mathematical equation or congruence here.) c. Use your answer to part b to find c in terms of x and y. Explain how this will allow you to deduce m. d. Suppose you find a match and have deduced m. Can the decryption exponent d or the primes p,q also be deduced from this attack? Justify your answer. 3. Here is the idea behind a different kind of attack on RSA. Suppose the modulus being used for encryption is n, and the plaintext message, represented as a number m, has k digits, where k is small, say less than 18. (RSA is frequently used just to transmit a key for another cryptosystem that then will be used for longer me sages.) You intercept the ciphertext, a number we'll denote by c. You also have the public RSA encryption key (n, e), but not the decryption exponent d, and not the factorization of n. a. Suppose you have a computer tabulate all the values cr( mod n) as I varies from 1 to 109. Call this Table A. Then you have the computer tabulate the values of ye( mod n) as y varies from 1 to 109. Call this Table B. As you compute the entries of Table B, you have a computer compare each of them to the entries of Table A, stopping if a match is found. In the worst case, how many steps (arithmetic or comparison) did the computer do? Is this reasonable with today's technology? b. Suppose you find a match, i.e., some number, say in row x, from Table A, is equal to some number, say in row y, from Table B. What is the relationship between r and y? (We are looking for, e.g., a mathematical equation or congruence here.) c. Use your answer to part b to find c in terms of x and y. Explain how this will allow you to deduce m. d. Suppose you find a match and have deduced m. Can the decryption exponent d or the primes p,q also be deduced from this attack? Justify your

Answer & Explanation Solved by verified expert

See Answer