[138210] in cryptography@c2.net mail archive
Re: Raw RSA binary string and public key 'detection'
daemon@ATHENA.MIT.EDU (Florian Weimer)
Sat Nov 22 19:47:53 2008
From: Florian Weimer <fw@deneb.enyo.de>
To: Dirk-Willem van Gulik <dirkx@webweaving.org>
Cc: Cryptography <cryptography@metzdowd.com>
Date: Sat, 22 Nov 2008 14:29:40 +0100
In-Reply-To: <FA32C3B6-08A3-4CB3-A597-786E50358268@webweaving.org>
(Dirk-Willem van Gulik's message of "Thu, 20 Nov 2008 10:14:47 +0100")
* Dirk-Willem van Gulik:
> Been looking at the Telnic (dev.telnic.org) effort.
>
> In essence; NAPTR dns records which contain private details such as a
> phone number. These are encrypted against the public keys of your
> friends (so if you have 20 friends and 3 phone numbers visible to all
> friends - you need 20 subdomains x 3 NAPTR entries under your
> master').
>
> Aside from the practicality of this - given a raw RSA encrypted block
> and a list of public keys - is there any risk that someone could
> establish which of those public keys may have been used to create that
> block ?
If the padding scheme is decent, this should not be possible without
breaking RSA.
However, the proposal limits keys to about 250*6 bits, which seems
rather restrictive for RSA keys.
I'm also concerned about reflective attacks were you ask someone who's
trusted by the data owner to decrypt the data for you, possibly in an
automated fashion.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
