#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Posts
    1
    Rep Power
    0

    RSA 128bit public-key encryption problem


    I have to solve this problem, any insights would be helpful.
    Alice represents a company AAA that is considering buying Bob’s company, BBB. Eve knows about the proposed transaction and she will be able to gain financial advantage if she can find out as quickly as possible the details of the deal. Eve can intercept the messages from Alice to Bob. She knows that they will communicate using the RSA public-key encryption algorithm. She has Bob’s public key (e,n) where e=3 and n is 128-bit long. She does not have Bob’s private key. Eve also knows that the messages will be constructed as follows:

    1. An initial e-mail is sent by Alice to Bob to let him know of AAA’s decision about trying or not to buy BBB. For a “no” decision, the message is 0. For “yes”, the message is 1. The value 0 or 1, respectively, is then encrypted using the RSA algorithm.
    2. The next day, Alice sends Bob an e-mail to inform him of the proposed price offered. The message consists of a number representing the price in pounds. This number is encrypted using RSA. Eve estimates the price to be between 20 million and 30 million.
    3. A third message is sent on the third day from Alice, consisting of a longer text discussing some initial details of the deal. For this e-mail, she uses the following method of encryption: each individual character of the text is viewed as the ASCII code of that character. The number thus obtained for each character is then encrypted using the RSA algorithm, and the resulting list of numbers is sent.
    4. The following day Alice again writes a long e-mail discussing further details of the deal. For this e-mail, she uses the following method of encryption: each single word of the text is viewed as a number by concatenating the 8-bit ASCII codes of each letter. The number thus obtained for each word is then encrypted using the RSA algorithm and the resulting list of numbers is sent.


    Discuss whether Eve can find efficient methods of retrieving each of the original messages. If you can think of several methods, describe them all. However, do not describe generic attacks, only attacks that are particularly suited to this specific scenario.
    For each attack you identified, give a rough estimation of the time Eve would need to succeed, using only one computer. The estimates of the time should be of the type: a few seconds, a few minutes, 1 hour, a few hours, one day, one week or longer. You may make assumptions about the speed of her computer, for example you could assume it can perform RSA to encrypt or to decrypt (if encryption, respectively decryption key is given) one number in 1 millisecond.
    For each of the attacks you identified, propose changes to the encryption scheme to prevent such an attack.
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    May 2007
    Posts
    765
    Rep Power
    929
    Specific questions will get you better answers, especially if you start out by describe your current approach and what isn't working. It is difficult to help if we don't know exactly what you don't understand. It is even more difficult to help with all you do is drop your assignment on the forum as we will not do your homework for you.

    Here are a few questions that may point you in the right direction:

    Research how RSA encryption works. What do small values like zero and one will encrypt to?

    Research why padding schemes are used with RSA and what attacks they block. What vulnerabilities would exist in a protocol that doesn't use padding?

    The encryption schemes used in the third and fourth part are essentially a form of ECB encryption. What vulnerabilities does ECB have and how can they be applied here?

    Research how RSA public & private keys are generated and the relationship between them. Under what circumstances can the private key be reverse engineered from the public key?

    Comments on this post

    • mah$us agrees : Follow Omega's suggestions, and you'll learn well from your homework!
    sub{*{$::{$_}}{CODE}==$_[0]&& print for(%:: )}->(\&Meh);

IMN logo majestic logo threadwatch logo seochat tools logo