[21702] in cryptography@c2.net mail archive
is breaking RSA at least as hard as factoring or vice-versa?
daemon@ATHENA.MIT.EDU (Travis H.)
Sun Apr 2 13:02:33 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Sun, 2 Apr 2006 01:41:59 -0600
From: "Travis H." <solinym@gmail.com>
To: Cryptography <cryptography@metzdowd.com>
So I'm reading up on unconditionally secure authentication in Simmon's
"Contemporary Cryptology", and he points out that with RSA, given d,
you could calculate e (remember, this is authentication not
encryption) if you could factor n, which relates the two. However,
the implication is in the less useful direction; namely, that
factoring n is at least as hard as breaking RSA. As of the books
publication in 1992, it was not known whether the decryption of almost
all ciphers for arbitrary exponents e is as hard as factoring.
This is news to me! What's the current state of knowledge?
--
Security Guru for Hire http://www.lightconsulting.com/~travis/ -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
