Mrthfx

Allow console draw poker game to output more hands

Besides PR credit, does diversity provide anything that meritocracy does not?

Was there a pre-determined arrangement for the division of Germany in case it surrendered before any Soviet forces entered its territory?

How to extract specific values/fields from the text file?

Boss asked me to sign a resignation paper without a date on it along with my new contract

How do I avoid the "chosen hero" feeling?

Why is Shelob considered evil?

How can I give a Ranger advantage on a check due to Favored Enemy without spoiling the story for the player?

Is there a way to pause a running process on Linux systems and resume later?

Plausible reason for gold-digging ant

Possible issue with my W4 and tax return

Is it possible to detect 100% of SQLi with a simple regex?

Coombinatorics- The number of ways of choosing with parameters

How to completely remove a package in Ubuntu (like it never existed)

Are all power cords made equal?

Democratic Socialism vs Social Democracy

Co-worker sabotaging/undoing my work (software development)

Buying a "Used" Router

Word for something that's always reliable, but never the best?

Why did Ylvis use "go" instead of "say" in phrases like "Dog goes 'woof'"?

Why do neural networks need so many examples to perform?

Count repetitions of an array

How do you get out of your own psychology to write characters?

What does an unprocessed RAW file look like?

Insecure private-key encryption

Encryption/ciphers/codes in ChineseHow can a Encrypt-And-MAC scheme be insecure if the encryption is CCA secure?Combining public key signature schemes and private key encryptionSingle public key for NaCL signing and encryption?Storing RSA private keyAsymmetry between public key and private key: digital signatures use the private key for “encryption”?Anatomy of an RSA private keyIs the private key of a private/public key pair also a symmetric key?Security of expanded keyDerivable encryption key - BIP0032 parallel

3

$begingroup$

I am learning about crytography and the differences between the public and private keys encryption examples and I was wondering if it is possible to have a private key encryption scheme that is completely insecure? I have not been able to find what that could look like but I'm curious? Or is this not possible? Is the encryption scheme always secure with private keys?

encryption symmetric

share|improve this question

edited 15 hours ago

Ilmari Karonen

35k373138

asked 22 hours ago

droidnoob

$endgroup$

migrated from stackoverflow.com 17 hours ago

This question came from our site for professional and enthusiast programmers.

add a comment | 

3

$begingroup$

I am learning about crytography and the differences between the public and private keys encryption examples and I was wondering if it is possible to have a private key encryption scheme that is completely insecure? I have not been able to find what that could look like but I'm curious? Or is this not possible? Is the encryption scheme always secure with private keys?

encryption symmetric

share|improve this question

edited 15 hours ago

Ilmari Karonen

35k373138

asked 22 hours ago

droidnoob

$endgroup$

migrated from stackoverflow.com 17 hours ago

This question came from our site for professional and enthusiast programmers.

add a comment | 

$begingroup$

I am learning about crytography and the differences between the public and private keys encryption examples and I was wondering if it is possible to have a private key encryption scheme that is completely insecure? I have not been able to find what that could look like but I'm curious? Or is this not possible? Is the encryption scheme always secure with private keys?

encryption symmetric

share|improve this question

edited 15 hours ago

Ilmari Karonen

35k373138

asked 22 hours ago

droidnoob

$endgroup$

share|improve this question

edited 15 hours ago

Ilmari Karonen

35k373138

asked 22 hours ago

droidnoob

share|improve this question

edited 15 hours ago

Ilmari Karonen

35k373138

asked 22 hours ago

droidnoob

edited 15 hours ago

Ilmari Karonen

35k373138

edited 15 hours ago

Ilmari Karonen

35k373138

2 Answers
2

active

oldest

votes

7

$begingroup$

Any encryption scheme can be insecure if the key space is small enough.

For example, you could perform encryption with an 8 bit RSA key. For a key of that size, it's trivial to determine the private key given the public key.

share|improve this answer

answered 22 hours ago

dbushdbush

23615

$endgroup$

• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  would this be true even with a small message space? Or that wouldn't factor in?
  $endgroup$
  – droidnoob
  22 hours ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  $begingroup$
  @droidnoob If your key is insecure nothing else matters. For example given an 8 bit RSA public key with exponent 3 modulus 187, it's trival to factor the modulus into 11 and 17, calculate lamda(187) = lcm(11-1,17-1) = 80, then calculate the private exponent d = 3^-1 mod 80 = 27.
  $endgroup$
  – dbush
  21 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  thanks for reply. can I ask you one more? What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?
  $endgroup$
  – droidnoob
  21 hours ago
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  $begingroup$
  @droidnoob If you mean a poorly designed encryption algorithm, then yes.
  $endgroup$
  – dbush
  21 hours ago
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  $begingroup$
  You could derive a subkey in your scheme that is much smaller than the input key, e.g. by hashing it and taking the leftmost bits. The original, large key could be completely secure - protected by the cryptographic hash - but you have again an encryption scheme with a small key space. Presto.
  $endgroup$
  – Maarten Bodewes♦
  20 hours ago
  

  
  
  
  

 | 
show 1 more comment

5

$begingroup$

What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?

Yes, certainly. For example, consider the following encryption scheme:

• The key is a 256 bit (or, heck, 512 or 1024 bit if you want) string chosen uniformly at random by a cryptographically secure true random number generator, stored securely in a locked vault deep underground, with multiple armed guards watching the entrance 24/7.




• The encryption method doesn't use the key for anything, and instead encrypts the data using rot13.




• The decryption method is the same as the encryption method.

share|improve this answer

answered 14 hours ago

Ilmari KaronenIlmari Karonen

35k373138

$endgroup$

add a comment | 

Your Answer

StackExchange.ifUsing("editor", function () {
return StackExchange.using("mathjaxEditing", function () {
StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix) {
StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
});
});
}, "mathjax-editing");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "281"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f67586%2finsecure-private-key-encryption%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

7

$begingroup$

Any encryption scheme can be insecure if the key space is small enough.

For example, you could perform encryption with an 8 bit RSA key. For a key of that size, it's trivial to determine the private key given the public key.

share|improve this answer

answered 22 hours ago

dbushdbush

23615

$endgroup$

• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  would this be true even with a small message space? Or that wouldn't factor in?
  $endgroup$
  – droidnoob
  22 hours ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  $begingroup$
  @droidnoob If your key is insecure nothing else matters. For example given an 8 bit RSA public key with exponent 3 modulus 187, it's trival to factor the modulus into 11 and 17, calculate lamda(187) = lcm(11-1,17-1) = 80, then calculate the private exponent d = 3^-1 mod 80 = 27.
  $endgroup$
  – dbush
  21 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  thanks for reply. can I ask you one more? What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?
  $endgroup$
  – droidnoob
  21 hours ago
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  $begingroup$
  @droidnoob If you mean a poorly designed encryption algorithm, then yes.
  $endgroup$
  – dbush
  21 hours ago
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  $begingroup$
  You could derive a subkey in your scheme that is much smaller than the input key, e.g. by hashing it and taking the leftmost bits. The original, large key could be completely secure - protected by the cryptographic hash - but you have again an encryption scheme with a small key space. Presto.
  $endgroup$
  – Maarten Bodewes♦
  20 hours ago
  

  
  
  
  

 | 
show 1 more comment

7

$begingroup$

Any encryption scheme can be insecure if the key space is small enough.

For example, you could perform encryption with an 8 bit RSA key. For a key of that size, it's trivial to determine the private key given the public key.

share|improve this answer

answered 22 hours ago

dbushdbush

23615

$endgroup$

• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  would this be true even with a small message space? Or that wouldn't factor in?
  $endgroup$
  – droidnoob
  22 hours ago
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  $begingroup$
  @droidnoob If your key is insecure nothing else matters. For example given an 8 bit RSA public key with exponent 3 modulus 187, it's trival to factor the modulus into 11 and 17, calculate lamda(187) = lcm(11-1,17-1) = 80, then calculate the private exponent d = 3^-1 mod 80 = 27.
  $endgroup$
  – dbush
  21 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  $begingroup$
  thanks for reply. can I ask you one more? What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?
  $endgroup$
  – droidnoob
  21 hours ago
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  $begingroup$
  @droidnoob If you mean a poorly designed encryption algorithm, then yes.
  $endgroup$
  – dbush
  21 hours ago
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  $begingroup$
  You could derive a subkey in your scheme that is much smaller than the input key, e.g. by hashing it and taking the leftmost bits. The original, large key could be completely secure - protected by the cryptographic hash - but you have again an encryption scheme with a small key space. Presto.
  $endgroup$
  – Maarten Bodewes♦
  20 hours ago
  

  
  
  
  

 | 
show 1 more comment

$begingroup$

Any encryption scheme can be insecure if the key space is small enough.

For example, you could perform encryption with an 8 bit RSA key. For a key of that size, it's trivial to determine the private key given the public key.

share|improve this answer

answered 22 hours ago

dbushdbush

23615

$endgroup$

share|improve this answer

answered 22 hours ago

dbushdbush

23615

answered 22 hours ago

dbushdbush

23615

answered 22 hours ago

dbushdbush

23615

5

$begingroup$

What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?

Yes, certainly. For example, consider the following encryption scheme:

• The key is a 256 bit (or, heck, 512 or 1024 bit if you want) string chosen uniformly at random by a cryptographically secure true random number generator, stored securely in a locked vault deep underground, with multiple armed guards watching the entrance 24/7.




• The encryption method doesn't use the key for anything, and instead encrypts the data using rot13.




• The decryption method is the same as the encryption method.

share|improve this answer

answered 14 hours ago

Ilmari KaronenIlmari Karonen

35k373138

$endgroup$

add a comment | 

5

$begingroup$

What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?

Yes, certainly. For example, consider the following encryption scheme:

• The key is a 256 bit (or, heck, 512 or 1024 bit if you want) string chosen uniformly at random by a cryptographically secure true random number generator, stored securely in a locked vault deep underground, with multiple armed guards watching the entrance 24/7.




• The encryption method doesn't use the key for anything, and instead encrypts the data using rot13.




• The decryption method is the same as the encryption method.

share|improve this answer

answered 14 hours ago

Ilmari KaronenIlmari Karonen

35k373138

$endgroup$

add a comment | 

$begingroup$

What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?

Yes, certainly. For example, consider the following encryption scheme:

• The key is a 256 bit (or, heck, 512 or 1024 bit if you want) string chosen uniformly at random by a cryptographically secure true random number generator, stored securely in a locked vault deep underground, with multiple armed guards watching the entrance 24/7.




• The encryption method doesn't use the key for anything, and instead encrypts the data using rot13.




• The decryption method is the same as the encryption method.

share|improve this answer

answered 14 hours ago

Ilmari KaronenIlmari Karonen

35k373138

$endgroup$

share|improve this answer

answered 14 hours ago

Ilmari KaronenIlmari Karonen

35k373138

answered 14 hours ago

Ilmari KaronenIlmari Karonen

35k373138

answered 14 hours ago

Ilmari KaronenIlmari Karonen

35k373138