  • 1
    Only if Alice can trust Bob not to share the public key with anyone else, either accidentally or on purpose, and that no one eavesdrops on the initial sharing of the public key. Kind of defeats the purpose of a public key, however -- might as well just use a shared secret symmetric key. Commented Jan 21 at 23:56
  • 1
    This is two questions into one. The first one is really easy to answer for most cryptographers (hence the comment by Chris), the second requires in-depth knowledge about the protocol that is used for Microsoft Graph. Note that most cryptographic algorithms do not have an explicit rule that the public key cannot be derived from messages / signatures or indeed tokens. For instance, the RSA public key is usually just the modulus, which is the maximum value of any RSA ciphertext / signature. Commented Jan 22 at 9:17
  • 1
    (it is still impossible to calculate the modulus since a "close" number - the maximum value of all the ciphertext - only tells you the first x bits and you'd still have to check n - x bits, but it shows that information about the modulus certainly is leaked) Commented Jan 22 at 10:02
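
The leak described in the last two comments, as an added example that is not part of the original thread: the largest textbook-RSA value an observer has seen bounds the modulus from below, and the gap that remains shrinks by only about one bit each time the number of observations doubles. The toy key (two Mersenne primes), the function names and the sample counts are constructed for illustration.

```python
import math
import random

# Constructed toy key: two Mersenne primes. Far too small and too structured
# for real use; chosen only so the example runs offline without a prime search.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q                      # 150-bit modulus, the "public key" being hidden
E = 65537
# With gcd(E, phi) == 1, m -> m^E mod N is a permutation of [0, N), so
# ciphertexts of random messages are spread uniformly below N.
assert math.gcd(E, (P - 1) * (Q - 1)) == 1


def observe_max(samples, seed=1):
    """Largest value m^E mod N seen over `samples` random messages."""
    rng = random.Random(seed)  # seeded so the run is reproducible
    return max(pow(rng.randrange(2, N), E, N) for _ in range(samples))


def remaining_bits(samples, seed=1):
    """Bit length of the gap N - max: the part of N still left to search."""
    return (N - observe_max(samples, seed)).bit_length()


if __name__ == "__main__":
    print(f"modulus size: {N.bit_length()} bits")
    for k in (16, 256, 4096):
        gap = remaining_bits(k)
        print(f"{k:5d} observations: ~{N.bit_length() - gap} leading bits "
              f"pinned down, ~{gap} bits still unknown")
```

Every observed value is a lower bound on N, so secrecy of the modulus erodes with each message, yet thousands of observations still leave well over 100 bits of this 150-bit toy modulus undetermined.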