Re: Raw RSA binary string and public key 'detection'

[Florian Weimer]

* Dirk-Willem van Gulik:

 Been looking at the Telnic (dev.telnic.org) effort.

 In essence; NAPTR dns records which contain private details such as a
 phone number. These are encrypted against the public keys of your
 friends (so if you have 20 friends and 3 phone numbers visible to all
 friends - you need 20 subdomains x 3 NAPTR entries under your
 master').

 Aside from the practicality of this - given a raw RSA encrypted block
 and a list of public keys - is there any risk that someone could
 establish which of those public keys may have been used to create that
 block ?

If the padding scheme is decent, this should not be possible without
breaking RSA.

However, the proposal limits keys to about 250*6 bits, which seems
rather restrictive for RSA keys.

I'm also concerned about reflective attacks were you ask someone who's
trusted by the data owner to decrypt the data for you, possibly in an
automated fashion.

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Raw RSA binary string and public key 'detection'

[Dirk-Willem van Gulik]

Been looking at the Telnic (dev.telnic.org) effort.

In essence; NAPTR dns records which contain private details such as a  
phone number. These are encrypted against the public keys of your  
friends (so if you have 20 friends and 3 phone numbers visible to all  
friends - you need 20 subdomains x 3 NAPTR entries under your 'master').


Aside from the practicality of this - given a raw RSA encrypted block  
and a list of public keys - is there any risk that someone could  
establish which of those public keys may have been used to create that  
block ? I.e. something which would be done in bulk for large  
populations; so the use of large tables and what not is quite warranted.


Thanks,

Dw

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]