Question: In this exercise, we illustrate the problem of using nonprobabilistic cryptosystems, such as schoolbook RSA, imprudently. Nonprobabilistic means that the same sequence of plaintext letters
In this exercise, we illustrate the problem of using nonprobabilistic cryptosystems, such as schoolbook RSA, imprudently. Nonprobabilistic means that the same sequence of plaintext letters maps to the same ciphertext. This allows traffic analysis (i.e., to draw some conclusion about the cleartext by merely observing the ciphertext) and in some cases even to the total break of the cryptoystem. The latter holds especially if the number of possible plaintexts is small. Suppose the following situation: Alice wants to send a message to Bob encrypted with his public key pair (n, e). Therefore, she decides to use the ASCII table to assign a number to each character (Space rightarrow 32, ! rightarrow 33, ..., A rightarrow 65, B rightarrow 66, ..., ~ rightarrow 126) and to encrypt them separately. Oscar eavesdrops on the transferred ciphertext. Describe how he can successfully decrypt the message by exploiting the nonprobabilistic property of RSA. Bob's RSA public key is (n, e) = (3763, 11). Decrypt the ciphertext y = 2514, 1125, 333, 3696, 2514, 2929, 3368, 2514 with the attack proposed in 1. For simplification, assume that Alice only chose capital letters A-Z during the encryption. Is the attack still possible if we use the OAEP padding? Exactly explain your answer. In this exercise, we illustrate the problem of using nonprobabilistic cryptosystems, such as schoolbook RSA, imprudently. Nonprobabilistic means that the same sequence of plaintext letters maps to the same ciphertext. This allows traffic analysis (i.e., to draw some conclusion about the cleartext by merely observing the ciphertext) and in some cases even to the total break of the cryptoystem. The latter holds especially if the number of possible plaintexts is small. Suppose the following situation: Alice wants to send a message to Bob encrypted with his public key pair (n, e). Therefore, she decides to use the ASCII table to assign a number to each character (Space rightarrow 32, ! rightarrow 33, ..., A rightarrow 65, B rightarrow 66, ..., ~ rightarrow 126) and to encrypt them separately. Oscar eavesdrops on the transferred ciphertext. Describe how he can successfully decrypt the message by exploiting the nonprobabilistic property of RSA. Bob's RSA public key is (n, e) = (3763, 11). Decrypt the ciphertext y = 2514, 1125, 333, 3696, 2514, 2929, 3368, 2514 with the attack proposed in 1. For simplification, assume that Alice only chose capital letters A-Z during the encryption. Is the attack still possible if we use the OAEP padding? Exactly explain your
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help