0

As far as I know, a secret key corresponding to a given public key is not unique. So, for example, there are actually multiple secret keys that can produce the same digital signature under RSA signature scheme.

What I wonder is, how can I compute the expected time to find a matching secret key of a given public key? I assume some details are given like the length of keys, the key generation algorithm etc.

Also, is there a public-key encryption scheme s.t. there's a unique secret key for each public key?

SpiderRico
  • 461
  • 6
  • 19

1 Answers1

2

The expected time to compute a secret key from a public key is of course entirely dependent on the scheme and the security parameter. Of course for the scheme to be secure, the probability that an adversary can make such computation in poly time must be negligible.

Regarding your second question, you might want to look here. Again this is entirely dependent on the scheme.

Panos
  • 334
  • 1
  • 13