PKCS#7

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

PKCS#7

valéry
Hi,

is the following picture correct ?
when creating an encrypted PKCS#7 envelope, a random AES key is generated and encrypted with the provided RSA private key. The AES key is used to encrypt the envelope content. The X509 certificate containing the associated public key is included in the envelope attributes.

If so, would it be possible in principle to decrypt an encrypted PKCS#7 envelope only knowing which AES key was used ?

Thank you-

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: PKCS#7

OpenSSL - User mailing list
> If so, would it be possible in principle to decrypt an encrypted PKCS#7 envelope only knowing which AES key was used ?

Yes.  But maybe not with the openssl api's :)
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: PKCS#7

valéry
Hi,

thank you very much for your response.
Say someone would be able to gather several clear text AES keys and their respective asymmetrically encrypted RSA blocks. Would it weakens the security of the RSA key pair ? I mean could it be easier for someone using that information to brute force an RSA key pair ?

Thank you

 

On Tue, Mar 14, 2017 at 3:12 PM, Salz, Rich via openssl-users <[hidden email]> wrote:
> If so, would it be possible in principle to decrypt an encrypted PKCS#7 envelope only knowing which AES key was used ?

Yes.  But maybe not with the openssl api's :)
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: PKCS#7

OpenSSL - User mailing list
> Say someone would be able to gather several clear text AES keys and their respective asymmetrically encrypted RSA blocks. Would it weakens the security of the RSA key pair ? I mean could it be easier for someone using that information to brute force an RSA key pair ?

No
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: PKCS#7

Verhelst Wouter (Consultant)
In reply to this post by valéry
On 15-03-17 05:13, valéry wrote:
> Hi,
>
> thank you very much for your response.
> Say someone would be able to gather several clear text AES keys and
> their respective asymmetrically encrypted RSA blocks. Would it weakens
> the security of the RSA key pair ? I mean could it be easier for someone
> using that information to brute force an RSA key pair ?

Think of it this way:

As far as the RSA algorithm is concerned, the AES keys are just data.
They happen to be AES keys, but they might have been a hash value, an
image, or somebody's date of birth.

If getting the cleartext as well as the encrypted text for an RSA
message would allow you to more easily guess the RSA key, then the RSA
algorithm would be seriously flawed.

There is no known attack against RSA for which this is true, however, as
Rich pointed out.

--
Wouter Verhelst
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: PKCS#7

valéry
Alright, big thanks to both of you for your input!

On Mar 15, 2017 23:01, "Wouter Verhelst" <[hidden email]> wrote:
On 15-03-17 05:13, valéry wrote:
Hi,

thank you very much for your response.
Say someone would be able to gather several clear text AES keys and
their respective asymmetrically encrypted RSA blocks. Would it weakens
the security of the RSA key pair ? I mean could it be easier for someone
using that information to brute force an RSA key pair ?

Think of it this way:

As far as the RSA algorithm is concerned, the AES keys are just data. They happen to be AES keys, but they might have been a hash value, an image, or somebody's date of birth.

If getting the cleartext as well as the encrypted text for an RSA message would allow you to more easily guess the RSA key, then the RSA algorithm would be seriously flawed.

There is no known attack against RSA for which this is true, however, as Rich pointed out.

--
Wouter Verhelst

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Loading...