Reverse engineering of public key to generate a desired text

Networking/Security Forums -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security

Author: sigma22 PostPosted: Wed Dec 01, 2010 6:17 pm    Post subject: Reverse engineering of public key to generate a desired text
    ----
Hello All,

I have a query related to asymmetric encryption algorithms like RSA etc. The scenario is:

>> I have a public key of some organization. I want to generate a text which will have the specified length and specified bits set in the whole string when this text is decrypted by that public key.

Is it possible to generate such text with a minimum effort. Other than brute force, if there is some method, please tell me.

Author: Fire AntLocation: London PostPosted: Fri Dec 03, 2010 7:20 pm    Post subject:
    ----
Hi sigma22,

First off, decryption must be done with the private key.

Quote:
the whole string when this text is decrypted by that public key.
I am not if that was a mistake on your part but I thought I would clarify.

Quote:
Is it possible to generate such text with a minimum effort.
No

It is not impossible to find the private key, via brute force, for a given public key of a small size, say 1024-bits if you are a government that is. For an individual it just impossible to achieve.

The best bet would be to perhaps use some known cryptographic failure in the algorithm to derive the key but generally algorithms which have failures are not widely used or are phased out where possible. Even if you could use one you would pretty much have to rely on your Phd in Cryptography to exploit it.

After reading your post again it got a little confused to what you are trying to achieve. Anyone can use the public key. Having the private key will enable you to do the following:

1 - Decrypt all data encrypted to the public key. You could MITM email and read all encrypted email for example
2 - Digitally sign any data which is outbound of the org. You could write an email from CEO of Evil Corp and encrypt using a 3rd party public key in this case Journalist@NewsPaper.com and sign the email. This would give you whats called non-repudiation to a certain degree.

Fire Ant

Author: sigma22 PostPosted: Fri Dec 03, 2010 7:29 pm    Post subject:
    ----
hi Fire Ant,

the purpose of my question is for particular scenario. I have my application which decrypts some input using the public key embed in source code. After decryption, my application checks some bits.
Now, the input to my application is the serial number which i have encrypted in my organization and then distribute. I want that hacker should not be able to generate more serial numbers even after knowing which bits my application check.


[/code]



Networking/Security Forums -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group