Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!utgpu!water!watmath!clyde!rutgers!ames!ucbcad!zen!cory.Berkeley.EDU!hanafee From: hanafee@cory.Berkeley.EDU.UUCP Newsgroups: sci.crypt Subject: Re: generating RSA keys Message-ID: <2837@zen.berkeley.edu> Date: Fri, 5-Jun-87 23:42:25 EDT Article-I.D.: zen.2837 Posted: Fri Jun 5 23:42:25 1987 Date-Received: Sun, 7-Jun-87 00:45:18 EDT References: <537@ucdavis.UUCP> Sender: news@zen.berkeley.edu Reply-To: hanafee@cory.Berkeley.EDU.UUCP (Brian Hanafee) Distribution: world Organization: University of California, Berkeley Lines: 42 Keywords: Keys, RSA >I have been trying to come up with a scheme to implement an algorithm >that would allow the user to pick any key (presumably text), and map it >to a _good_ key (as defined above). [goes on to describe a proposed method for obtaining "good" keys] >I have been trying to find any weaknesses in this scheme (such as dramatically >reducing the number of possible keys, etc.). While the scheme does reduce >the number of keys, it also will guarentee the generation of a good key. >My feeling is that if the key text that is gotten from the user is long >enough (say 10 characters, 6 bits per char -- around 60 unique bits >or from 1 to 1E19), then the results should be fairly good. I think your primary weakness is exactly the one you suggested; this reduces the number of possible keys. The RSA encryption scheme is well known, its strength lies in making decryption computationally infeasible. Given 60 unique bits, you have only 2**60 possible unique keys. I don't know how well this compares to just using DES, but I suspect it's not much better. A second, possibly more serious problem lies in the distribution of the "good" keys. Since you do a linear search from a "bad" key, looking for a "good" key, you will arrive at less than a one-to-one mapping of text to keys (e.g. if "aaa", "aab" and "aac" are bad, but "aad" is good, and you use a linear search, then all four text strings will yield the same key). You should *very* carefully study how rich your domain is in good keys before implementing your mapping. Finally, there is a well-known problem with any encryption based on user-entered keys. They tend to be anything but random, often with a strong correlation with the English/native language. System managers today have serious problems with people using words found in the dictionary as passwords, since they are found easily with brute force search. ----------------------------------------------------------------------------- My opinions are mine, and I take full responsibility. So there. (signed) Brian Hanafee UUCP: !ucbvax!cory!hanafee ARPAnet: hanafee@cory.Berkeley.EDU My opinions are mine, and I take full responsibility. So there. (signed) Brian Hanafee UUCP: !ucbvax!cory!hanafee ARPAnet: hanafee@cory.Berkeley.EDU