Re: Strength of RSA with known plain-text.
From: George Ou (533george_ou234_at_netzero234.com)
Date: Sun, 07 Sep 2003 21:13:14 GMT
On 7 Sep 2003 07:27:41 -0700, email@example.com (Rudy Koot) wrote:
>When using the RSA public-key algorithm. How difficult is it to
>calculate the private key if you know the public key, cipher text and
>plain-text. Is it just as difficult as when you don't know the
>plain-text or is it easier?
> -- Rudy Koot (_r_u_d_y_k_o_o_t_ at _h_o_t_m_a_i_l_ dot _c_o_m_)
First of all:
RSA is NEVER used to encrypt plain text. No public key system is used
to encrypt plain text.
RSA is only used in the following 2 ways.
Using your private key to encrypt the 160-bit SHA-1 hash of your
message for the purpose of digital signatures. The digital signature
offers source integrity, data integrity, and non-repudiation.
Someone else using your public key to encrypt a session key that they
want to send you in plain site of the public without worrying someone
that someone can steal that session key.
The session key is in turn used in a symmetric algorithm such as RC5,
AES, and 3DES in applications such as PGP, SSL, IPSEC, and so on. No
one in the right mind would use RSA to encrypt bulk data because it's
about 100-1000 times slower than the aforementioned symmetric
algorithms. Just about any system that uses RSA only use it to kick
start a symmetric cryptography session. RSA is only used because of
it's ability to perform public handshakes securely.
Using this 2 phase approach also has security benefits. You can keep
the first asymmetric RSA phase of the operation on a smart card for
users or a dedicated hardware cryptographic module for servers. This
way, the host computer never needs to know the private key because the
key pair was generated inside the HSM and the private key never leaves
the HSM. If a hacker ever rooted your server or a virus or worm ever
took over a user's personal computer, they can easily download your