Subject | PKCS and RSA keys |
---|---|

Author | Jim Starkey |

Post date | 2005-04-18T21:25:41Z |

A good time back I said that within the RSA cryptosystem neither the

public nor private keys can be feasibly computed from the other. While

this is correct in theory, it is not true in practive. One of the two

private key formats used by RSA contains redundant information from

which the public key can be trivially computed.

The base RSA crypto system consists of a modulus (public), which is the

product of two or more large primes, and two integers. Cleartext is

represented as an integer. The message is encrypted by raising it to

the power on one integer and dividing by the modulus. The remainder is

the cryptotext. Cryptotext is decrypted by raising it to the power of

the other integer and dividing by the modulus. The remainder is the

cleartext. Note that the operation is symmetrical, and each integers

can decrypt a message encrypted by the other.

It isn't quite this simple in practice, however, since an official RSA

encryption requires that the clear text be encoded with a random number

and secure hash before encryption and decoded after decryption. But the

process is still symmetric if the short form of keys are used.

If, however, you encrypt with a public key thinking that an embedded but

retrievable secret key is going to be secure, you are going to be sorely

disappointed.

Sorry about this misinformation.

--

Jim Starkey

Netfrastructure, Inc.

978 526-1376

public nor private keys can be feasibly computed from the other. While

this is correct in theory, it is not true in practive. One of the two

private key formats used by RSA contains redundant information from

which the public key can be trivially computed.

The base RSA crypto system consists of a modulus (public), which is the

product of two or more large primes, and two integers. Cleartext is

represented as an integer. The message is encrypted by raising it to

the power on one integer and dividing by the modulus. The remainder is

the cryptotext. Cryptotext is decrypted by raising it to the power of

the other integer and dividing by the modulus. The remainder is the

cleartext. Note that the operation is symmetrical, and each integers

can decrypt a message encrypted by the other.

It isn't quite this simple in practice, however, since an official RSA

encryption requires that the clear text be encoded with a random number

and secure hash before encryption and decoded after decryption. But the

process is still symmetric if the short form of keys are used.

If, however, you encrypt with a public key thinking that an embedded but

retrievable secret key is going to be secure, you are going to be sorely

disappointed.

Sorry about this misinformation.

--

Jim Starkey

Netfrastructure, Inc.

978 526-1376