Security Basics mailing list archives
RE: Encryption question
From: "Burton M. Strauss III" <BStrauss () acm org>
Date: Wed, 25 Feb 2004 15:09:56 -0600
Because there's no simple transformation between keys. Instead, the simple transforms are from some unknown shared item. So private key=f(x) public key=g(x) which are easy, But the invert functions f'() and g'() are hard. Usually x is the product of two large prime numbers, so factoring it is the hard task. It turns out to be much easier to test if a number is prime than to determine it's factoring. -----Burton
-----Original Message----- From: Preston, Tony [mailto:Tony.Preston () acs-inc com] Sent: Tuesday, February 24, 2004 1:01 PM To: security-basics () securityfocus com Subject: Encryption question Tony Preston Systems Engineer, AS&T Inc. Division of L3 Corporation (609) 485-0205 x 181 I have what is a rather basic question... I probably am missing something so I thought I would ask here. Alice and Bob both have a public and private key. Alice encrypts her email to Bob using his public key. Sends the email and Bob decrypts it using his keys.. Since both Bob and Alice's public keys are known, Why can't I take Alice's public key and create a key pair using any other private key. Now, I fake an electronic signature from Alice using the pair I created and send a bogus encrypted message to Bob with my "fake" Alice signature. Bob checks the signature by using the public key and it is valid. Bob assumes the message is from Alice... What prevents me from spoofing someone's electronic signature this way? ------------------------------------------------------------------ --------- ------------------------------------------------------------------ ----------
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Encryption question Preston, Tony (Feb 25)
- Re: Encryption question Lars Georg Paulsen (Feb 25)
- Re: Encryption question Hollis Johnson (Feb 26)
- Re: Encryption question Lars Georg Paulsen (Feb 26)
- Re: Encryption question Hollis Johnson (Feb 26)
- Re: Encryption question Jamie Pratt (Feb 25)
- RE: Encryption question Burton M. Strauss III (Feb 25)
- Re: Encryption question Aaron Keck (Feb 25)
- Re: Encryption question Theo Chaojareon (Feb 25)
- Re: Encryption question Raghu Chinthoju (Feb 27)
- <Possible follow-ups>
- RE: Encryption question Gene LeDuc (Feb 25)
- Re: Encryption question SERGIO OTERO (Feb 25)
- RE: Encryption question Jordan, Jason D. "Dallas" (Feb 25)
- RE: Encryption question Prasad S. Athawale (Feb 26)
- RE: Encryption question Hollis Johnson (Feb 26)
- Re: Encryption question Lars Georg Paulsen (Feb 25)