Insecure private-key encryption












3












$begingroup$


I am learning about crytography and the differences between the public and private keys encryption examples and I was wondering if it is possible to have a private key encryption scheme that is completely insecure? I have not been able to find what that could look like but I'm curious? Or is this not possible? Is the encryption scheme always secure with private keys?










share|improve this question











$endgroup$



migrated from stackoverflow.com 7 hours ago


This question came from our site for professional and enthusiast programmers.























    3












    $begingroup$


    I am learning about crytography and the differences between the public and private keys encryption examples and I was wondering if it is possible to have a private key encryption scheme that is completely insecure? I have not been able to find what that could look like but I'm curious? Or is this not possible? Is the encryption scheme always secure with private keys?










    share|improve this question











    $endgroup$



    migrated from stackoverflow.com 7 hours ago


    This question came from our site for professional and enthusiast programmers.





















      3












      3








      3





      $begingroup$


      I am learning about crytography and the differences between the public and private keys encryption examples and I was wondering if it is possible to have a private key encryption scheme that is completely insecure? I have not been able to find what that could look like but I'm curious? Or is this not possible? Is the encryption scheme always secure with private keys?










      share|improve this question











      $endgroup$




      I am learning about crytography and the differences between the public and private keys encryption examples and I was wondering if it is possible to have a private key encryption scheme that is completely insecure? I have not been able to find what that could look like but I'm curious? Or is this not possible? Is the encryption scheme always secure with private keys?







      encryption symmetric






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 4 hours ago









      Ilmari Karonen

      35k373138




      35k373138










      asked 12 hours ago







      droidnoob











      migrated from stackoverflow.com 7 hours ago


      This question came from our site for professional and enthusiast programmers.









      migrated from stackoverflow.com 7 hours ago


      This question came from our site for professional and enthusiast programmers.
























          2 Answers
          2






          active

          oldest

          votes


















          6












          $begingroup$

          Any encryption scheme can be insecure if the key space is small enough.



          For example, you could perform encryption with an 8 bit RSA key. For a key of that size, it's trivial to determine the private key given the public key.






          share|improve this answer









          $endgroup$













          • $begingroup$
            would this be true even with a small message space? Or that wouldn't factor in?
            $endgroup$
            – droidnoob
            12 hours ago






          • 1




            $begingroup$
            @droidnoob If your key is insecure nothing else matters. For example given an 8 bit RSA public key with exponent 3 modulus 187, it's trival to factor the modulus into 11 and 17, calculate lamda(187) = lcm(11-1,17-1) = 80, then calculate the private exponent d = 3^-1 mod 80 = 27.
            $endgroup$
            – dbush
            11 hours ago










          • $begingroup$
            thanks for reply. can I ask you one more? What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?
            $endgroup$
            – droidnoob
            11 hours ago






          • 2




            $begingroup$
            @droidnoob If you mean a poorly designed encryption algorithm, then yes.
            $endgroup$
            – dbush
            11 hours ago






          • 2




            $begingroup$
            You could derive a subkey in your scheme that is much smaller than the input key, e.g. by hashing it and taking the leftmost bits. The original, large key could be completely secure - protected by the cryptographic hash - but you have again an encryption scheme with a small key space. Presto.
            $endgroup$
            – Maarten Bodewes
            10 hours ago



















          4












          $begingroup$


          What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?




          Yes, certainly. For example, consider the following encryption scheme:




          • The key is a 256 bit (or, heck, 512 or 1024 bit if you want) string chosen uniformly at random by a cryptographically secure true random number generator, stored securely in a locked vault deep underground, with multiple armed guards watching the entrance 24/7.


          • The encryption method doesn't use the key for anything, and instead encrypts the data using rot13.


          • The decryption method is the same as the encryption method.







          share|improve this answer









          $endgroup$













            Your Answer





            StackExchange.ifUsing("editor", function () {
            return StackExchange.using("mathjaxEditing", function () {
            StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix) {
            StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
            });
            });
            }, "mathjax-editing");

            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "281"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            noCode: true, onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f67586%2finsecure-private-key-encryption%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown
























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            6












            $begingroup$

            Any encryption scheme can be insecure if the key space is small enough.



            For example, you could perform encryption with an 8 bit RSA key. For a key of that size, it's trivial to determine the private key given the public key.






            share|improve this answer









            $endgroup$













            • $begingroup$
              would this be true even with a small message space? Or that wouldn't factor in?
              $endgroup$
              – droidnoob
              12 hours ago






            • 1




              $begingroup$
              @droidnoob If your key is insecure nothing else matters. For example given an 8 bit RSA public key with exponent 3 modulus 187, it's trival to factor the modulus into 11 and 17, calculate lamda(187) = lcm(11-1,17-1) = 80, then calculate the private exponent d = 3^-1 mod 80 = 27.
              $endgroup$
              – dbush
              11 hours ago










            • $begingroup$
              thanks for reply. can I ask you one more? What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?
              $endgroup$
              – droidnoob
              11 hours ago






            • 2




              $begingroup$
              @droidnoob If you mean a poorly designed encryption algorithm, then yes.
              $endgroup$
              – dbush
              11 hours ago






            • 2




              $begingroup$
              You could derive a subkey in your scheme that is much smaller than the input key, e.g. by hashing it and taking the leftmost bits. The original, large key could be completely secure - protected by the cryptographic hash - but you have again an encryption scheme with a small key space. Presto.
              $endgroup$
              – Maarten Bodewes
              10 hours ago
















            6












            $begingroup$

            Any encryption scheme can be insecure if the key space is small enough.



            For example, you could perform encryption with an 8 bit RSA key. For a key of that size, it's trivial to determine the private key given the public key.






            share|improve this answer









            $endgroup$













            • $begingroup$
              would this be true even with a small message space? Or that wouldn't factor in?
              $endgroup$
              – droidnoob
              12 hours ago






            • 1




              $begingroup$
              @droidnoob If your key is insecure nothing else matters. For example given an 8 bit RSA public key with exponent 3 modulus 187, it's trival to factor the modulus into 11 and 17, calculate lamda(187) = lcm(11-1,17-1) = 80, then calculate the private exponent d = 3^-1 mod 80 = 27.
              $endgroup$
              – dbush
              11 hours ago










            • $begingroup$
              thanks for reply. can I ask you one more? What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?
              $endgroup$
              – droidnoob
              11 hours ago






            • 2




              $begingroup$
              @droidnoob If you mean a poorly designed encryption algorithm, then yes.
              $endgroup$
              – dbush
              11 hours ago






            • 2




              $begingroup$
              You could derive a subkey in your scheme that is much smaller than the input key, e.g. by hashing it and taking the leftmost bits. The original, large key could be completely secure - protected by the cryptographic hash - but you have again an encryption scheme with a small key space. Presto.
              $endgroup$
              – Maarten Bodewes
              10 hours ago














            6












            6








            6





            $begingroup$

            Any encryption scheme can be insecure if the key space is small enough.



            For example, you could perform encryption with an 8 bit RSA key. For a key of that size, it's trivial to determine the private key given the public key.






            share|improve this answer









            $endgroup$



            Any encryption scheme can be insecure if the key space is small enough.



            For example, you could perform encryption with an 8 bit RSA key. For a key of that size, it's trivial to determine the private key given the public key.







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered 12 hours ago









            dbushdbush

            22615




            22615












            • $begingroup$
              would this be true even with a small message space? Or that wouldn't factor in?
              $endgroup$
              – droidnoob
              12 hours ago






            • 1




              $begingroup$
              @droidnoob If your key is insecure nothing else matters. For example given an 8 bit RSA public key with exponent 3 modulus 187, it's trival to factor the modulus into 11 and 17, calculate lamda(187) = lcm(11-1,17-1) = 80, then calculate the private exponent d = 3^-1 mod 80 = 27.
              $endgroup$
              – dbush
              11 hours ago










            • $begingroup$
              thanks for reply. can I ask you one more? What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?
              $endgroup$
              – droidnoob
              11 hours ago






            • 2




              $begingroup$
              @droidnoob If you mean a poorly designed encryption algorithm, then yes.
              $endgroup$
              – dbush
              11 hours ago






            • 2




              $begingroup$
              You could derive a subkey in your scheme that is much smaller than the input key, e.g. by hashing it and taking the leftmost bits. The original, large key could be completely secure - protected by the cryptographic hash - but you have again an encryption scheme with a small key space. Presto.
              $endgroup$
              – Maarten Bodewes
              10 hours ago


















            • $begingroup$
              would this be true even with a small message space? Or that wouldn't factor in?
              $endgroup$
              – droidnoob
              12 hours ago






            • 1




              $begingroup$
              @droidnoob If your key is insecure nothing else matters. For example given an 8 bit RSA public key with exponent 3 modulus 187, it's trival to factor the modulus into 11 and 17, calculate lamda(187) = lcm(11-1,17-1) = 80, then calculate the private exponent d = 3^-1 mod 80 = 27.
              $endgroup$
              – dbush
              11 hours ago










            • $begingroup$
              thanks for reply. can I ask you one more? What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?
              $endgroup$
              – droidnoob
              11 hours ago






            • 2




              $begingroup$
              @droidnoob If you mean a poorly designed encryption algorithm, then yes.
              $endgroup$
              – dbush
              11 hours ago






            • 2




              $begingroup$
              You could derive a subkey in your scheme that is much smaller than the input key, e.g. by hashing it and taking the leftmost bits. The original, large key could be completely secure - protected by the cryptographic hash - but you have again an encryption scheme with a small key space. Presto.
              $endgroup$
              – Maarten Bodewes
              10 hours ago
















            $begingroup$
            would this be true even with a small message space? Or that wouldn't factor in?
            $endgroup$
            – droidnoob
            12 hours ago




            $begingroup$
            would this be true even with a small message space? Or that wouldn't factor in?
            $endgroup$
            – droidnoob
            12 hours ago




            1




            1




            $begingroup$
            @droidnoob If your key is insecure nothing else matters. For example given an 8 bit RSA public key with exponent 3 modulus 187, it's trival to factor the modulus into 11 and 17, calculate lamda(187) = lcm(11-1,17-1) = 80, then calculate the private exponent d = 3^-1 mod 80 = 27.
            $endgroup$
            – dbush
            11 hours ago




            $begingroup$
            @droidnoob If your key is insecure nothing else matters. For example given an 8 bit RSA public key with exponent 3 modulus 187, it's trival to factor the modulus into 11 and 17, calculate lamda(187) = lcm(11-1,17-1) = 80, then calculate the private exponent d = 3^-1 mod 80 = 27.
            $endgroup$
            – dbush
            11 hours ago












            $begingroup$
            thanks for reply. can I ask you one more? What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?
            $endgroup$
            – droidnoob
            11 hours ago




            $begingroup$
            thanks for reply. can I ask you one more? What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?
            $endgroup$
            – droidnoob
            11 hours ago




            2




            2




            $begingroup$
            @droidnoob If you mean a poorly designed encryption algorithm, then yes.
            $endgroup$
            – dbush
            11 hours ago




            $begingroup$
            @droidnoob If you mean a poorly designed encryption algorithm, then yes.
            $endgroup$
            – dbush
            11 hours ago




            2




            2




            $begingroup$
            You could derive a subkey in your scheme that is much smaller than the input key, e.g. by hashing it and taking the leftmost bits. The original, large key could be completely secure - protected by the cryptographic hash - but you have again an encryption scheme with a small key space. Presto.
            $endgroup$
            – Maarten Bodewes
            10 hours ago




            $begingroup$
            You could derive a subkey in your scheme that is much smaller than the input key, e.g. by hashing it and taking the leftmost bits. The original, large key could be completely secure - protected by the cryptographic hash - but you have again an encryption scheme with a small key space. Presto.
            $endgroup$
            – Maarten Bodewes
            10 hours ago











            4












            $begingroup$


            What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?




            Yes, certainly. For example, consider the following encryption scheme:




            • The key is a 256 bit (or, heck, 512 or 1024 bit if you want) string chosen uniformly at random by a cryptographically secure true random number generator, stored securely in a locked vault deep underground, with multiple armed guards watching the entrance 24/7.


            • The encryption method doesn't use the key for anything, and instead encrypts the data using rot13.


            • The decryption method is the same as the encryption method.







            share|improve this answer









            $endgroup$


















              4












              $begingroup$


              What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?




              Yes, certainly. For example, consider the following encryption scheme:




              • The key is a 256 bit (or, heck, 512 or 1024 bit if you want) string chosen uniformly at random by a cryptographically secure true random number generator, stored securely in a locked vault deep underground, with multiple armed guards watching the entrance 24/7.


              • The encryption method doesn't use the key for anything, and instead encrypts the data using rot13.


              • The decryption method is the same as the encryption method.







              share|improve this answer









              $endgroup$
















                4












                4








                4





                $begingroup$


                What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?




                Yes, certainly. For example, consider the following encryption scheme:




                • The key is a 256 bit (or, heck, 512 or 1024 bit if you want) string chosen uniformly at random by a cryptographically secure true random number generator, stored securely in a locked vault deep underground, with multiple armed guards watching the entrance 24/7.


                • The encryption method doesn't use the key for anything, and instead encrypts the data using rot13.


                • The decryption method is the same as the encryption method.







                share|improve this answer









                $endgroup$




                What if the key is completely secure and protected, would there be any way to have a completely secure key but insecure scheme?




                Yes, certainly. For example, consider the following encryption scheme:




                • The key is a 256 bit (or, heck, 512 or 1024 bit if you want) string chosen uniformly at random by a cryptographically secure true random number generator, stored securely in a locked vault deep underground, with multiple armed guards watching the entrance 24/7.


                • The encryption method doesn't use the key for anything, and instead encrypts the data using rot13.


                • The decryption method is the same as the encryption method.








                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered 4 hours ago









                Ilmari KaronenIlmari Karonen

                35k373138




                35k373138






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Cryptography Stack Exchange!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    Use MathJax to format equations. MathJax reference.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f67586%2finsecure-private-key-encryption%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    GameSpot

                    日野市

                    Tu-95轟炸機