Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

RSA Encryption

 [1/10] from: mattsmac::hotmail::com at: 13-Nov-2003 9:22


Can someone please explain to me, in as few mathematical equations as possible, why RSA public/private encryption works? The way it looks to me in the documentation that came with REBOL, you have to send the recieving party the public key. If this is the case, what stops some hacker from intercepting that public key and using it to decrypt the data? How is this any different from using a syncronous encryption method and then just sending the encryption key along with the data? It just doesn't make sense to me. Matt _________________________________________________________________ Compare high-speed Internet plans, starting at $26.95.

 [2/10] from: bga:bug-br at: 13-Nov-2003 12:33


On Thu, 13 Nov 2003 09:22:41 -0500, "Matt MacDonald" < [mattsmac--hotmail--com]> said:
> Can someone please explain to me, in as few mathematical equations as > possible, why RSA public/private encryption works? The way it looks
<<quoted lines omitted: 9>>
> sense > to me.
You misunderstood how it works. Let's suppose you (A) is trying to send an encrypted text to a friend (B): (A) gets the public key associated with (B). (A) encrypts the text to be sent using that key and send the encrypted text to (B). (B) will receive the encrypted text and uses his private key to decrypt it. Note it is not possible to decrypt the text with just the public key, so that's why a third person that somehow got the encrypted text would not be able to decrypt it without knowing the private key from (B). If all you want to do iss sign adocument, then you use your private lkey to sign it and anyway that knows your public key will be able to verify if the text was changed or something like that. -Bruno -- Fortune Cookie Says: Quidquid latine dictum sit, altum viditur. (Whatever is said in Latin sounds profound.)

 [3/10] from: mattsmac:hot:mail at: 13-Nov-2003 10:20


Is it possible to encrypt binary files (pictures, pdfs etc) this way? or only text files? Matt ------------------------------------------------------ On Thu, 13 Nov 2003 09:22:41 -0500, "Matt MacDonald" < [mattsmac--hotmail--com]> said:
>Can someone please explain to me, in as few mathematical equations as >possible, why RSA public/private encryption works? The way it looks to me
<<quoted lines omitted: 4>>
>sending the encryption key along with the data? It just doesn't make sense >to me.
You misunderstood how it works. Let's suppose you (A) is trying to send an encrypted text to a friend (B): (A) gets the public key associated with (B). (A) encrypts the text to be sent using that key and send the encrypted text to (B). (B) will receive the encrypted text and uses his private key to decrypt it. Note it is not possible to decrypt the text with just the public key, so that's why a third person that somehow got the encrypted text would not be able to decrypt it without knowing the private key from (B). If all you want to do iss sign adocument, then you use your private lkey to sign it and anyway that knows your public key will be able to verify if the text was changed or something like that. -Bruno _________________________________________________________________ Compare high-speed Internet plans, starting at $26.95.

 [4/10] from: maarten:vrijheid at: 13-Nov-2003 16:29


RSA is asymmetrical: you encrypt with the public key, and the receiving party decrypts with its private key. You use it normally to exchange a sessiosn key for a symmetrical block encryptor. Another application is signing a hash with a private key, then the receiving party can validate using your public key that the content of a message has not been tampered with. Choose the length long enough though (> 1024, preferable 2048). Does this help? --Maarten

 [5/10] from: mattsmac:hotmai:l at: 13-Nov-2003 10:34


And then I guess if there is ongoing communication, each side would need to have their own (different) private and public key?
>From: "Matt MacDonald" <[mattsmac--hotmail--com]> >Reply-To: [rebol-list--rebol--com]
<<quoted lines omitted: 38>>
>To unsubscribe from this list, just send an email to >[rebol-request--rebol--com] with unsubscribe as the subject.
_________________________________________________________________ Send a QuickGreet with MSN Messenger http://www.msnmessenger-download.com/tracking/cdp_games

 [6/10] from: maarten:vrijheid at: 13-Nov-2003 16:49


> Is it possible to encrypt binary files (pictures, pdfs etc) this way?
or
> only text files?
You'd use a block encryptor for that (AES, blowfish, ...) RSA can encrypt per encryption only the number of bits that equals the lenghh of its key. And it is terribly slow, that's why it is used for session key encryption most of the time. --Maarten

 [7/10] from: mattsmac:hotmai:l at: 13-Nov-2003 11:30


When I try to encrypt the encryption key, using the alternate party's public RSA key, I get a windows fault and the program has to close. Here is my code. Server --------- rsa-key: rsa-make-key rsa-generate-key rsa-key 1024 3 ; send client our public key insert last clients enbase rsa-key/n ; get the client's encrypted encryption key wait [(last clients) tout] crypt-key: debase first last clients ; decrypt it using our private key crypt-key: rsa-encrypt/private/decrypt rsa-key crypt-key Client ------- rsa-key: rsa-make-key wait fileserve rsa-key/n: debase first fileserve ; server's public key ; generate an encrypt/decrypt key for this session and ; encrypt it using fileserve's public key and send it to fileserve crypt-key: copy/part checksum/secure mold now/precise 16 crypt-key: rsa-encrypt rsa-key crypt-key insert fileserve enbase crypt-key Anything you see in here that would be causing some sort of fault or something? Matt

 [8/10] from: joel:neely:fedex at: 13-Nov-2003 11:14


Hi, Matt, I'll give it a shot... Matt MacDonald wrote:
>Can someone please explain to me, in as few mathematical equations as >possible, why RSA public/private encryption works? ... How is this >any different from using a syncronous encryption method and then just >sending the encryption key along with the data? It just doesn't make sense to me. >
Let's sneak up on it. For simplicity of examples, suppose that all of my messages will be made up of ONLY uppercase letters, spaces, periods, or question marks (29 possible characters). We can represent our characters via: 0 = space, 1-26 = A-Z, 27 = period, 28 = question mark and then encode messages by doing arithmetic on the numbers ( as long as our results are limited to the range 0-28). A trivial example would encode by adding some fixed value (mod 29) to the plaintext and decode by subtracting that same fixed value (mod 29) to the plain text. Here the here the algorithms for encoding and decoding are different, but the keys for those operations are the same. Let's make the algorithm the same (by adding the key mod 29 to each value), which means that the decoding key is must be the mod-29 complement of the encoding key. IOW, if I encode by adding 3, I decode by adding 26. In that simple case it is trivial to figure out the decoding key from the encoding key. Suppose I multiply by the encoding key (mod 29) instead. It's a bit more work, but still easy to figure out what decoding key I can multiply by (mod 29) to get back the original character. Suppose I use two encoding keys (a and b) and encode a character by evaluating encoded-character: a * plain-character + b // 29 Now it's slightly more complicated (or just plain time consuming) to figure out what values of (c and d) will give me plain-character: c * encoded-character + d // 29 i.e. the original character's number. Enough dinky examples. As we increase the mathematical complexity of the formula, we discover that that the effort to find the decoding key *EVEN IF WE KNOW THE ENCODING KEY AND THE FORMULA* can increase substantially. Public key cryptography is based on using certain mathematical operations that *NOBODY* knows how to invert in reasonable time. (Of course, that could change dramatically if quantum computing provides us a way to factor arbitrary huge numbers quickly!) Anyway, that's the core idea of why the public key can be made ... well ... public! without exposing the message content. HTH! -jn-

 [9/10] from: maarten:vrijheid at: 13-Nov-2003 18:19


I never used debase. REBOLs serialization is almost automagical. Better use load then. --Maarten

 [10/10] from: tomc:darkwing:uoregon at: 13-Nov-2003 13:38


bits is bits On Thu, 13 Nov 2003, Matt MacDonald wrote:

Notes
  • Quoted lines have been omitted from some messages.
    View the message alone to see the lines that have been omitted