Calculating the Private Key

Micha Rosenbaum micha at rosetree.de
Tue Jul 1 21:25:28 CEST 2014

```Dear gnupg users,

I have a question regarding a feature from mailbox.org [0]. This
provider offers to encrypt every unencrypted email you receive with your
public key. Thus only encrypted emails will be stored on the server.

Is there any security related problem, when an attacker has both, the
encrypted and decrypted message?

Looking at the RSA algorithm. Is it possible to calculate the private
key when a message is available both encrypted and decrypted? Maybe not
with just one message, but with a thousand?

The RSA formula for decrypting messages with RSA is – according to
Wikipedia [1] – \$ m = c^(d) (mod N) \$ where N is – as a part of the
public key – always given, c is the encrypted message, m the decrypted
message and d the private key. Can you solve this formula for d if
everything else is given?

At the moment I believe it is not possible to calculate the private key.
That would be an enormous bug, because everyone could write a message
and encrypt it with the public key to have the encrypted and the
decrypted part. But I don‛t know how to prove it using maths :). So I am
very interested in *why* it is not working out, assuming that I am right.

[0]: http://vimeo.com/97065221
[1]: https://en.wikipedia.org/wiki/RSA_%28cryptosystem%29#A_worked_example

Micha

--
PGP: 0x7694EB9B (http://rosetree.de/pgp)
http://www.email-nur-an-dich.de/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140701/877e3a2b/attachment.sig>
```