Thank you, now I understood how encryption and decryption works with RSA. So the weakpoint isn’t diffie Hellman but rather their generation of RSA keys. I wonder if diffie Hellman can be attacked by itself or am I a little confused now? :3
Hiho, In modern protocols, like TLS, DH key exchange is used as a 2nd layer of protection. We call this perfect forward secrecy (see en.wikipedia.org/wiki/Forward_secrecy). DH assures, that even if RSA keys are compromised noone can decrypt the recoreded communication. Greetings, Nils
Hello, Yes, we deliberatly chose small numbers for the video and No, it won't solve the RSA challenge numbers :-) (maybe, the early first and small ones, but I am not sure). CT2 is intended as a learning tool -- despite it is being able to really help with many cryptographic real-world problems. We included msieve (at the time the most powerful tool) for factorization, but it is a quite old msieve version. Including it in CT2 was quite difficult and updating it is difficult, too. If you want to factor RSA challenge numbers, then you need to have a look at the state-of-the art implementations for factorization and probably also have to distribute it to many computers. I hope this answers your question :-) Greetings, Nils
@@CryptographyForEverybody I was saying that p-1 and q-1 when divided by 2 are divisible by small primes.....so my question was would it still be fast with safe primes....I think you werent careful selecting your primes.....
Ah, no, we don't tested msieve with safe primes or strong primes. If you are interested how good msieve is with factoring those, have a look at msieve: github.com/radii/msieve You can also test it using the CT2 implementation in the quadratic sieve. Also, the CT2 RSAKeyGenerator generates random primes, but does not take care that these are safe or strong. Maybe in the future we could add an option for that :-)
Heyho, I updated the RSA KeyGenerator of CT2 to allow also to create RSA keys consisting only of safe primes. Clearly, this takes much more time to find the primes, but for a 2048bit RSA key, it takes about 2-5 minutes, so its ok I think :-) Greetings, Nils
Hiho, how big is your N? You can use the Quadratic Sieve to factorize N. But if N is too big, there is no way to factorize it. That is why RSA is secure :-) Hope that helps, Greetings, Nils
@@CryptographyForEverybody Sir, I watched your some video's and it's absolutely knowledgeable. Will watch your video's in future too. Keep your work going on. Thank you 😊
Elliptic Curves has a standard known, RSA is not a good idea, we have few options. Usability, compatibility and in some cases of hardwares the size has need to be short. A paradox isn't ?
Hi Ayr, thank you :-) What do you mean with your question? If you ask for what other applications we can use RSA, then signature is the answer, as you can use RSA to encrypt a message (using the receivers public key) or to sign a message (using your own private key). If you ask for alternatives which we can use instead of RSA, I would say: -> you could use a pre-shared key and use symmetric encryption -> if you want to use asymmetric cryptography you could use elliptic curves Does that answer your question? Greetings, Nils
@@CryptographyForEverybody I understood that your example was for small keys. And that for bigger keys there is relative security. Anyway, I'm already anticipating what's to come in quantum cryptography. His classes are magnificent and help to explain the complex in a simple way. But I am convinced that all cryptography approved by governments allows privacy for everyone except governments.
Thank you, now I understood how encryption and decryption works with RSA. So the weakpoint isn’t diffie Hellman but rather their generation of RSA keys. I wonder if diffie Hellman can be attacked by itself or am I a little confused now? :3
Hiho,
In modern protocols, like TLS, DH key exchange is used as a 2nd layer of protection. We call this perfect forward secrecy (see en.wikipedia.org/wiki/Forward_secrecy). DH assures, that even if RSA keys are compromised noone can decrypt the recoreded communication.
Greetings,
Nils
Thank you very much it was very useful
The primes you used dont look safe. Will this program work with the RSA challenge numbers?
Hello,
Yes, we deliberatly chose small numbers for the video and
No, it won't solve the RSA challenge numbers :-) (maybe, the early first and small ones, but I am not sure).
CT2 is intended as a learning tool -- despite it is being able to really help with many cryptographic real-world problems. We included msieve (at the time the most powerful tool) for factorization, but it is a quite old msieve version. Including it in CT2 was quite difficult and updating it is difficult, too. If you want to factor RSA challenge numbers, then you need to have a look at the state-of-the art implementations for factorization and probably also have to distribute it to many computers.
I hope this answers your question :-)
Greetings,
Nils
@@CryptographyForEverybody I was saying that p-1 and q-1 when divided by 2 are divisible by small primes.....so my question was would it still be fast with safe primes....I think you werent careful selecting your primes.....
Ah, no, we don't tested msieve with safe primes or strong primes. If you are interested how good msieve is with factoring those, have a look at msieve: github.com/radii/msieve
You can also test it using the CT2 implementation in the quadratic sieve.
Also, the CT2 RSAKeyGenerator generates random primes, but does not take care that these are safe or strong. Maybe in the future we could add an option for that :-)
Heyho,
I updated the RSA KeyGenerator of CT2 to allow also to create RSA keys consisting only of safe primes. Clearly, this takes much more time to find the primes, but for a 2048bit RSA key, it takes about 2-5 minutes, so its ok I think :-)
Greetings,
Nils
I have value of 'N' but how to find out the value of 'P' & 'Q'? Shall I use cryptool 2 to find out the same?
Hiho,
how big is your N? You can use the Quadratic Sieve to factorize N. But if N is too big, there is no way to factorize it. That is why RSA is secure :-)
Hope that helps,
Greetings,
Nils
@CryptographyForEverybody I converted hexadecimal into decimal and I got my N and it's 84 bit long . So is it possible to process further?
84 bit can be easily factorized. Use the quadratic sieve. You may Also post the N here 🙂
@@CryptographyForEverybody Sir, I watched your some video's and it's absolutely knowledgeable. Will watch your video's in future too. Keep your work going on. Thank you 😊
Elliptic Curves has a standard known, RSA is not a good idea, we have few options. Usability, compatibility and in some cases of hardwares the size has need to be short. A paradox isn't ?
Thanks
Thank you for the amazing vídeo. Ok but what is the alternative use for RSA?
Hi Ayr, thank you :-)
What do you mean with your question?
If you ask for what other applications we can use RSA, then signature is the answer, as you can use RSA to encrypt a message (using the receivers public key) or to sign a message (using your own private key).
If you ask for alternatives which we can use instead of RSA, I would say:
-> you could use a pre-shared key and use symmetric encryption
-> if you want to use asymmetric cryptography you could use elliptic curves
Does that answer your question?
Greetings,
Nils
@@CryptographyForEverybody I understood that your example was for small keys. And that for bigger keys there is relative security. Anyway, I'm already anticipating what's to come in quantum cryptography. His classes are magnificent and help to explain the complex in a simple way. But I am convinced that all cryptography approved by governments allows privacy for everyone except governments.