How much information can be gleaned about a gpg key by possessing both plaintext and ciphertext?

vedaal at nym.hush.com
Fri Nov 21 19:20:04 CET 2014


On 11/21/2014 at 1:01 PM, "Christ Schlacta" <aarcane at aarcane.org> wrote:
>
>So to summarize, the best way to try this attack would be to encrypt lots
>of small messages to a dummy key and a target key because the only knowable
>plaintext is the session key. However, there's no known or reasonably
>suspected method of plaintext attack anyway, so all this data is believed
>to be a waste.

=====

Correct.

You could (more efficiently) isolate the Public GnuPG key as an RSA Public key,
and use an implementation of RSA that does not use padding,
and try all the plaintexts and known resulting ciphertexts, and still not construct the RSA Private key.


vedaal
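
The point made in the reply above, as an added example (not part of the original post and not GnuPG code): textbook RSA without padding on a constructed toy key, showing that every known plaintext/ciphertext pair can be recomputed by anyone from the public key alone, so a collection of such pairs holds nothing the public key does not already give. The primes, function names and sample plaintexts are assumptions made for the illustration.

```python
# Added illustration: textbook (unpadded) RSA on a constructed toy key.
# The primes, names and sample plaintexts are assumptions, not values from the thread.

P = 2**31 - 1   # Mersenne prime, toy size only
Q = 2**61 - 1   # Mersenne prime, toy size only
E = 65537


def make_keypair(p=P, q=Q, e=E):
    """Return (public, d) where public = (n, e) and d is the private exponent."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (n, e), d


def encrypt_unpadded(public, m):
    """Raw RSA: c = m^e mod n, with no padding and no randomness."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("plaintext must be in [0, n)")
    return pow(m, e, n)


def decrypt_unpadded(public, d, c):
    """Raw RSA decryption; needs the private exponent d."""
    return pow(c, d, public[0])


def pairs_reproducible_from_public_key(public, pairs):
    """True if every (plaintext, ciphertext) pair can be recomputed using
    only (n, e), i.e. the pairs carry no information beyond the public key."""
    return all(encrypt_unpadded(public, m) == c for m, c in pairs)


def demo():
    public, d = make_keypair()
    # Constructed "captured" traffic: known plaintexts with their ciphertexts.
    plaintexts = [2, 3, 0x5E55104E, 123456789012345678]
    captured = [(m, encrypt_unpadded(public, m)) for m in plaintexts]
    return {
        "reproducible": pairs_reproducible_from_public_key(public, captured),
        "roundtrip": all(decrypt_unpadded(public, d, c) == m for m, c in captured),
        "deterministic": encrypt_unpadded(public, 42) == encrypt_unpadded(public, 42),
    }


if __name__ == "__main__":
    print(demo())
```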



