Consider the following security game. Suppose that an attacker wants to decrypt the ciphertext c encrypted using
Question:
Consider the following security game. Suppose that an attacker wants to decrypt the ciphertext c encrypted using the RSA algorithm and obtain the plaintext m , where c = m e mod N . She knows neither the private key d nor the factorization of the modulus N . However, she can query an oracle (e.g., a program) with a ciphertext c’ ¹ c, and receives the corresponding plaintext m ’ = c ’ d mod N .
a. ( 10 pts ) The attacker can decrypt c and recover m . Show how.
b. ( 20 pts ) Consider the following RSA parameters and a challenge ciphertext
N: 4131050804701947615474143330647520043409422542555438899772006619584945340119494649404129371817979723151949121241703378752722699538230573280931110089904937167907235670950600408473367355490703599182689592510968586723123472663548236788459038268157326078778911167528038386964502552412608060108007769524518942771622175289823182473018026393098835614963683062594807036906626036129123789566927291732854619902597726403125881968574446179918998140970652556709962611125425594329231466588467030961620469125134654566923297538042292332544406175518916678210686925936341811732104917605118575775329334829543752265141266783630832854187
e: 65537
c: 286011333479246811807036978298499172055797623822007560823628330407176989331751815848494737394310492374805419675958067102325270756298968875428244016352736458046904203412669134207806910534413220489710408452767455368567189168921003750345234473915004072109521598843246444074965165007427386987929674642591506744871181356247565764232892236100024802851129256309465367597958913617035234759551640734971193268573642824284719009304086710729931481730871492097430958962565736552256356850187124726045482360175673464358349365112652477377441584665739736701619949825887312761535693506114283123294171040950993106172221548552046342629
Financial Markets And Institutions
ISBN: 978-0132136839
7th Edition
Authors: Frederic S. Mishkin, Stanley G. Eakins