{"title":"前向搜索作为针对公钥的密码分析工具","authors":"G. J. Simmons, D. Holdridge","doi":"10.1109/SP.1982.10011","DOIUrl":null,"url":null,"abstract":"In symmetric cryptosystems that depend on a single (secret) key for both encryption and decryption, a cryptanalyst -- since the key is unknown to him -- must either work backward from the cipher or else from the cipher and some known pairs of plain-text messages and matching ciphers in attempting to recover the plaintext. In an asymmetric (two key) cryptosystem used in the public key, i.e., privacy channel, mode where the encryption key is publicly expcxsedso that anyone who wishes can encrypt messages that can mly be decrypted by the person having the (secret) decryption key, a cryptanalytic weakness may occur that has no counterpart in symmetric systems. If the entropy of the input messages is too small (roughly speaking if it is computationally feasible to search through the most likely messages) either because the total number of messages is small or because a small number of the messages occur with high probabilities, the cryptanalyst can pre-encrypt these messages to form a cipher file that can then be matched against observed ciphers to accomplish a simple substitution decryption. This forward search cryptanalytic weakness of a public key privacy channel is purely a function of the entropy of the plaintext messages and does not depend on the existence of any cryptanalytic weakness in the concealment of the secret decryption key from a knowledge of the public encryption key in the underlying public key algorithm.","PeriodicalId":195978,"journal":{"name":"1982 IEEE Symposium on Security and Privacy","volume":"79 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1982-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"22","resultStr":"{\"title\":\"Forward Search as a Cryptanalytic Tool Against a Public Key\",\"authors\":\"G. J. Simmons, D. Holdridge\",\"doi\":\"10.1109/SP.1982.10011\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In symmetric cryptosystems that depend on a single (secret) key for both encryption and decryption, a cryptanalyst -- since the key is unknown to him -- must either work backward from the cipher or else from the cipher and some known pairs of plain-text messages and matching ciphers in attempting to recover the plaintext. In an asymmetric (two key) cryptosystem used in the public key, i.e., privacy channel, mode where the encryption key is publicly expcxsedso that anyone who wishes can encrypt messages that can mly be decrypted by the person having the (secret) decryption key, a cryptanalytic weakness may occur that has no counterpart in symmetric systems. If the entropy of the input messages is too small (roughly speaking if it is computationally feasible to search through the most likely messages) either because the total number of messages is small or because a small number of the messages occur with high probabilities, the cryptanalyst can pre-encrypt these messages to form a cipher file that can then be matched against observed ciphers to accomplish a simple substitution decryption. This forward search cryptanalytic weakness of a public key privacy channel is purely a function of the entropy of the plaintext messages and does not depend on the existence of any cryptanalytic weakness in the concealment of the secret decryption key from a knowledge of the public encryption key in the underlying public key algorithm.\",\"PeriodicalId\":195978,\"journal\":{\"name\":\"1982 IEEE Symposium on Security and Privacy\",\"volume\":\"79 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1982-04-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"22\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"1982 IEEE Symposium on Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SP.1982.10011\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"1982 IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SP.1982.10011","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Forward Search as a Cryptanalytic Tool Against a Public Key
In symmetric cryptosystems that depend on a single (secret) key for both encryption and decryption, a cryptanalyst -- since the key is unknown to him -- must either work backward from the cipher or else from the cipher and some known pairs of plain-text messages and matching ciphers in attempting to recover the plaintext. In an asymmetric (two key) cryptosystem used in the public key, i.e., privacy channel, mode where the encryption key is publicly expcxsedso that anyone who wishes can encrypt messages that can mly be decrypted by the person having the (secret) decryption key, a cryptanalytic weakness may occur that has no counterpart in symmetric systems. If the entropy of the input messages is too small (roughly speaking if it is computationally feasible to search through the most likely messages) either because the total number of messages is small or because a small number of the messages occur with high probabilities, the cryptanalyst can pre-encrypt these messages to form a cipher file that can then be matched against observed ciphers to accomplish a simple substitution decryption. This forward search cryptanalytic weakness of a public key privacy channel is purely a function of the entropy of the plaintext messages and does not depend on the existence of any cryptanalytic weakness in the concealment of the secret decryption key from a knowledge of the public encryption key in the underlying public key algorithm.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
