Timeline for Why doesn't this defeat RSA?
Current License: CC BY-SA 3.0
12 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jan 30, 2017 at 3:14 | comment | added | Carl Knox | $ed'=1 \bmod n$ won't decrypt correctly, however, there are multiple $d'$ which will decrypt all messages for a given $n$. The challenge to find $d'$ is equally hard as to find $d$. | |
| Jan 30, 2017 at 3:06 | comment | added | Carl Knox | Also, the private key is $(n,d)$, not $(\varphi(n),d)$. | |
| May 14, 2015 at 13:48 | vote | accept | Louise | ||
| May 14, 2015 at 13:36 | answer | added | fkraiem | timeline score: 4 | |
| May 14, 2015 at 13:33 | comment | added | poncho♦ | Becsuse $ed'-1$ is (in general) not a multiple of the order of the group, which is $lcm(p-1,q-1)$ | |
| May 14, 2015 at 13:32 | comment | added | Louise | Why doesn't $M^{ed'}=M^{1} \mod n$ (because $ed' = 1 \mod n)$? | |
| May 14, 2015 at 13:30 | history | edited | yyyyyyy | CC BY-SA 3.0 | use standard notation |
| May 14, 2015 at 13:30 | comment | added | poncho♦ | In the example you cited $8^{26} = 47 \bmod 187$, and not $2$ | |
| May 14, 2015 at 13:29 | comment | added | SEJPM | An attacker could compute $d'$, but that wouldn't help him anything, because you need the special relation mentioned in your question for the decryption using $d$ to work ($ed\equiv 1 \pmod{\phi(n)}$) | |
| May 14, 2015 at 13:29 | history | edited | Louise | CC BY-SA 3.0 | added 52 characters in body |
| May 14, 2015 at 13:24 | review | First posts | |||
| May 14, 2015 at 13:32 | |||||
| May 14, 2015 at 13:23 | history | asked | Louise | CC BY-SA 3.0 |