|
Title: Question about encrypting a message Post by: BlackHatCoiner on August 09, 2020, 12:59:00 PM When I encrypt a message it gives me an output. When I do it again it gives me a different output, why that?
https://i.imgur.com/I9d83do.gif Title: Re: Question about encrypting a message Post by: AdolfinWolf on August 09, 2020, 01:40:31 PM I believe it's because it takes a random number r (ephemeral private key), which is converted into S(ymmetric key) = rQ (where Q is the public key)
So every time you encrypt a message M, the value r is different, resulting in a different encryption key, resulting in a different encrypted value. Title: Re: Question about encrypting a message Post by: JuleAdka on August 10, 2020, 12:09:29 AM As @AdolfinWolf said, when you encrypt any data with the Elliptic Curve Cripto Family, you create a random key called ephemeral key, and this key is used in the calculations AND ONLY ONCE, it is a disposable one. If this key is reused, is even possible to find your private key(and this already happened in the past).
Title: Re: Question about encrypting a message Post by: pooya87 on August 10, 2020, 01:31:59 AM it is probably because this option is not used that much and the developers never made it deterministic like all the rest of the elliptic curve cryptography that takes place in your wallet (signing transactions and signing a message). otherwise i can't think of any other reason why this is not deterministic.
you can find it here: https://github.com/spesmilo/electrum/blob/9c5e49f432a4310aa4aec2f7985b52f032210b7e/electrum/ecc.py#L316-L331 by the way ephemeral simply means temporary, it is not the name of the key! Title: Re: Question about encrypting a message Post by: o_e_l_e_o on August 10, 2020, 10:22:45 AM If this key is reused, is even possible to find your private key(and this already happened in the past). This is usually the case, for example, when considering signing transactions or signing messages and reusing the k value. In such cases of re-used and non-random k values, it is possible to derive the associated private key, as you say.This is not the case here, however. Encrypting a message in this way only requires knowledge of the public key, not the private key. Otherwise, how would you encrypt a message to send to someone else? There is no way to derive the private key from this encryption process, even with reuse of the ephemeral key. Title: Re: Question about encrypting a message Post by: JuleAdka on August 10, 2020, 07:25:20 PM If this key is reused, is even possible to find your private key(and this already happened in the past). This is usually the case, for example, when considering signing transactions or signing messages and reusing the k value. In such cases of re-used and non-random k values, it is possible to derive the associated private key, as you say.This is not the case here, however. Encrypting a message in this way only requires knowledge of the public key, not the private key. Otherwise, how would you encrypt a message to send to someone else? There is no way to derive the private key from this encryption process, even with reuse of the ephemeral key. Yes, you are right. Sorry! ;D Re-using ephemeral keys are a problem only wen signing, not encrypting. Maybe they take it as a good practice? Title: Re: Question about encrypting a message Post by: DarkDays on August 13, 2020, 05:34:33 PM There is nothing more to add to this thread apart from all the nice explanations you have here.
But I would suggest you to read this thread on Stackoverflow where the exact question is asked. https://stackoverflow.com/questions/16325057/why-does-rsa-encrypted-text-give-me-different-results-for-the-same-text Here is another discussion https://crypto.stackexchange.com/questions/26249/why-are-rsa-ciphertexts-different-for-the-same-plaintext In general, it's best to ask technical questions like this in communities filled with people qualified to answer it. |
