Comment

Comment on With public key cryptography, why can't someone decrypt a message using the public key?

rufus@discuss.tchncs.de ⁨2⁩ ⁨months⁩ ago

Ah, that is a really good question. These things happen. People have entire harddisks filled with “rainbow tables” which do these kind of attacks against hash-functions which are supposed to be one-way functions. This way they have terabytes worth of pre-computed hashes for the most common passwords and can immediately tell if one of those passwords is in a database leak.

For this it needs additional measures. Passwords are augmented with additional random data so people can’t pre-compute the hashes. So it wouldn’t be just ‘Hello’, but ‘Hello’ plus an additional “salt” that gets fed into the one-way function so it can’t be brute forced.

PGP for example uses both symmetric cryptography and asymmetric cryptography. The actual message is encrypted with symmetric encryption and the key to that is encrypted with asymmetric encryption. Unfortunately it’s been a while since I last read a book on cryptography. I think they did that because symmetric cryptography is way faster. But things like that could also prevent such attacks.

It’s not always obvious to the layman what kinds of attacks are possible with the crypto algorithms. They definitely need to protect against such scenarios or they’re worthless for that kind of use. There are “known plaintext attacks”. Usually people don’t want anyone even able to prove that you send a certain message. And an algorithm also isn’t good if you can learn something about the secret key if you have access to a ciphertext and plaintext. I think this was part of how they cracked the supposedly secure enigma machines of the Nazis.

source

Sort:hotnew top

OmegaMouse@pawb.social ⁨2⁩ ⁨months⁩ ago
Ah thanks for the useful links! Those articles are all quite fascinating. In the plaintext attacks article, I love the tactic mentioned here:

At Bletchley Park in World War II, strenuous efforts were made to use (and even force the Germans to produce) messages with known plaintext. For example, when cribs were lacking, Bletchley Park would sometimes ask the Royal Air Force to “seed” a particular area in the North Sea with mines (a process that came to be known as gardening, by obvious reference). The Enigma messages that were soon sent out would most likely contain the name of the area or the harbour threatened by the mines

source
- rufus@discuss.tchncs.de ⁨2⁩ ⁨months⁩ ago
  Both cryptography and that part of history are fascinating topics. I can also recommend watching “The Imitation Game” with Benedict Cumberbatch starring as Alan Turing… I mean it’s just a movie and skips lots of the interesting stuff and details. YMMV.
  
  It’s the beginning of computers. And I think especially that time has some interesting stories, discoveries/inventions and personas. There is also the history and role of women in computing which I think is something more people should know about and it’s related to that. After that we needed secrecy in the cold war. I think public key cryptography hasn’t been around until the 1970s. There had been export regulations on cryptography until after I was born. And modern encryption algorithms like AES are from the 1990s.
  
  I think I spent some nights jumping from Wikipedia article to Wikipedia article and reading all of that.
  
  source