• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Reverse engineering of public key to generate a desired text

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security

View previous topic :: View next topic  
Author Message
sigma22
Just Arrived
Just Arrived


Joined: 01 Dec 2010
Posts: 0


Offline

PostPosted: Wed Dec 01, 2010 6:17 pm    Post subject: Reverse engineering of public key to generate a desired text Reply with quote

Hello All,

I have a query related to asymmetric encryption algorithms like RSA etc. The scenario is:

>> I have a public key of some organization. I want to generate a text which will have the specified length and specified bits set in the whole string when this text is decrypted by that public key.

Is it possible to generate such text with a minimum effort. Other than brute force, if there is some method, please tell me.
Back to top
View user's profile Send private message
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Fri Dec 03, 2010 7:20 pm    Post subject: Reply with quote

Hi sigma22,

First off, decryption must be done with the private key.

Quote:
the whole string when this text is decrypted by that public key.
I am not if that was a mistake on your part but I thought I would clarify.

Quote:
Is it possible to generate such text with a minimum effort.
No

It is not impossible to find the private key, via brute force, for a given public key of a small size, say 1024-bits if you are a government that is. For an individual it just impossible to achieve.

The best bet would be to perhaps use some known cryptographic failure in the algorithm to derive the key but generally algorithms which have failures are not widely used or are phased out where possible. Even if you could use one you would pretty much have to rely on your Phd in Cryptography to exploit it.

After reading your post again it got a little confused to what you are trying to achieve. Anyone can use the public key. Having the private key will enable you to do the following:

1 - Decrypt all data encrypted to the public key. You could MITM email and read all encrypted email for example
2 - Digitally sign any data which is outbound of the org. You could write an email from CEO of Evil Corp and encrypt using a 3rd party public key in this case Journalist@NewsPaper.com and sign the email. This would give you whats called non-repudiation to a certain degree.

Fire Ant
Back to top
View user's profile Send private message
sigma22
Just Arrived
Just Arrived


Joined: 01 Dec 2010
Posts: 0


Offline

PostPosted: Fri Dec 03, 2010 7:29 pm    Post subject: Reply with quote

hi Fire Ant,

the purpose of my question is for particular scenario. I have my application which decrypts some input using the public key embed in source code. After decryption, my application checks some bits.
Now, the input to my application is the serial number which i have encrypted in my organization and then distribute. I want that hacker should not be able to generate more serial numbers even after knowing which bits my application check.


[/code]
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register