Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [key-recovery]

A means of recovering cryptographic keys when the usual means for obtaining them is unavailable.; the ability to uncover the secret key to a cryptographic message.

A means of recovering cryptographic keys when the usual means for obtaining them is unavailable.; the ability to uncover the secret key to a cryptographic message.

In some cases, there are key recovery agents (KRA) — highly trusted persons who are responsible for recovering lost or damaged archived keys and/or certificates for users.

53 questions
42
votes
6 answers

How to check that you got the right key when brute forcing an encryption?

How do you know when you have the right key when brute-forcing? Let's say that they test the right key. They then have to check that the decrypted text makes sense. To do so, they can test whether there is a word in the dictionary. But then let's…
ChiseledAbs
15
votes
3 answers

Can we ensure the security of a crypto-algorithm and -implementaton against acoustic cryptanalysis?

Like people always say: “Attacks only get worse…” — which is why I'm asking early. I have been reading the paper “RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis” published December 18, 2013 by Daniel Genkin, Adi Shamir, Eran…
Mike Edward Moras
  • 18,161
  • 12
  • 87
  • 240
9
votes
2 answers

How does Microsoft's BitLocker Recovery Code work?

I don't trust Microsoft BitLocker because it is closed source, which makes it so people can't audit it. But now I'm really interested in how its recovery code works. In my own knowledge, encrypted data can't be decrypted without knowing the key, but…
Hartman
  • 269
  • 3
  • 10
6
votes
2 answers

How should I implement a secure recovery of encryption?

I want to create a system to host as securely as possible encrypted data in a way that not even the system can know the content of the data, but that it could be recovered. I would like to know how is it that other systems implement the use of a…
Nestor Mata Cuthbert
  • 183
  • 11
6
votes
1 answer

RSA public key recovery from signatures

Is it possible (how) to recover public (512 bit long) RSA key from multiple signatures having corresponding plain texts. Padding is not randomized. I need it to verify any future message comming from the same source.
Glushiator
  • 195
  • 1
  • 9
6
votes
2 answers

Cryptanalysis and weaknesses of SEED cipher

I've discovered that a client has SEED enabled in their SSL ciphers, and would like to know a bit more about it from a security perspective. The Wikipedia article doesn't mention any flaws, yet I've found two papers that demonstrate attacks - a…
Polynomial
  • 3,577
  • 4
  • 30
  • 45
5
votes
3 answers

Is including the key as AAD actually dangerous?

In a recent answer, Maarten mentioned including the key is a bad idea as well. This got my curious. Is there any scientific / cryptographic analysis whether including the key in the authentication actually allows for (easier) attacks in the…
SEJPM
  • 46,697
  • 9
  • 103
  • 214
5
votes
2 answers

How to find the keyword of the Playfair cipher, given the plaintext and the ciphertext?

I know how the Playfair cipher works. I would like to know how to find the keyword of the Playfair cipher, given some ciphertext and the corresponding plaintext. For example: encrypted: gy mm ko kc gc plaintext: he ll ow or ld I searched all over…
Brian Brown
  • 145
  • 1
  • 1
  • 4
5
votes
1 answer

In Bitcoin, given half the 52-character private key in WIF format, is it possible to reconstruct the whole private key?

Given the following two preconditions: It is almost impossible to reconstruct a bitcoin private key if an attacker only has one half of the private key as well as the public key. It is almost impossible to reconstruct a bitcoin private key if an…
Ohumeronen
  • 151
  • 1
  • 5
4
votes
2 answers

Recovering private key from Secp256k1 signatures

I've seen many answers here and many articles that says we can recover the private key from reused R signatures. But, what if the r,s signatures are different in transaction of bitcoin then is there a way we could find the ephemeral Key k used in…
Harvy Sam
  • 41
  • 1
  • 2
4
votes
1 answer

Using Pollard's lambda in a key-recovery attack on DH

I've become interested in writing an exploit for the OpenSSL vulnerability here (CVE-2016-0701). Running through the bullets describing the attack, I can follow up to the last bullet point. Reviewing the referenced paper, Key Recovery Attack on DH…
jtim
  • 43
  • 3
4
votes
2 answers

Determine the Key given ciphertexts and plaintexts?

Given two sets of plaintexts and their corresponding ciphertexts, how does one determine the key $K$? The ciphertexts are: $$C_1= (P_1 \oplus K_0) + K_1$$ and $$C_2= (P_2 \oplus K_0) + K_1$$ $K = K_0 || K_1$ (string of bits). where $+$ means…
eagle93
  • 41
  • 1
  • 2
3
votes
0 answers

How do I recover RSA primes from the modulus and the coefficient?

The RSA private key contains 2 primes (of about 4096 bits each), and I only know their product (called modulus) and the modular inverse (called coefficient). How do I recover the RSA primes from the modulus and the coefficient, i.e. how do I…
pts
  • 223
  • 1
  • 8
3
votes
1 answer

Partial key recovery from linear equations

I have searched for my question but I didn't find any relevant answer to my situation. I guess maybe it is too easy but I am a newbie in crypto and I can't figure out the answer. Here is the exercise: An attacker mounts a partial key recovery…
Nesr
  • 45
  • 4
3
votes
1 answer

Is it possible to mathematically extract an AES key from black-box encrypt/decrypt hardware?

I presented our mathematician with an idea: If you have a black box that encrypts or decrypts AES with the same 128 bit key (you don't have any direct access to the key), and you control the input and the direction (enc/dec) and can see the…
Anton Vainer
  • 45
  • 4
1
2 3 4