Bitcoin Forum
May 10, 2024, 08:12:29 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Other > Off-topic > Basic encryption questions
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Basic encryption questions  (Read 768 times)
Atheros (OP)
Sr. Member
****
Offline Offline

Activity: 249
Merit: 251



View Profile WWW
October 02, 2012, 04:43:03 PM
Last edit: October 04, 2012, 02:21:16 PM by Atheros
 #1
If I encode a message with an RSA public key and then transmit it over a completely insecure network, is it possible for an attacker to see that the receiver (known by the public key) received a message?

Is the answer different for ECDSA ECC? Is it different for other public key algorithms?


Next question:
I remember reading something about ECC having a property where one could extract the public key from some other piece of information efficiently and that Satoshi wasn't aware of this property. Could someone remind me of this property?

Thank You!

EDIT: I should have said ECC, not ECDSA.
BM-GteJMPqvHRUdUHHa1u7dtYnfDaH5ogeY
Bitmessage.org - Decentralized, trustless, encrypted, authenticated messaging protocol and client.
1715328749
Hero Member
*
Offline Offline

Posts: 1715328749

View Profile Personal Message (Offline)

Ignore
1715328749
1715328749
Reply with quote  #2
1715328749
Report to moderator
1715328749
Hero Member
*
Offline Offline

Posts: 1715328749

View Profile Personal Message (Offline)

Ignore
1715328749
1715328749
Reply with quote  #2
1715328749
Report to moderator
Each block is stacked on top of the previous one. Adding another block to the top makes all lower blocks more difficult to remove: there is more "weight" above each block. A transaction in a block 6 blocks deep (6 confirmations) will be very difficult to remove.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1715328749
Hero Member
*
Offline Offline

Posts: 1715328749

View Profile Personal Message (Offline)

Ignore
1715328749
1715328749
Reply with quote  #2
1715328749
Report to moderator
Foxpup
Legendary
*
Offline Offline

Activity: 4354
Merit: 3044


Vile Vixen and Miss Bitcointalk 2021-2023


View Profile
October 02, 2012, 08:22:01 PM
 #2
Quote from: Atheros on October 02, 2012, 04:43:03 PM
If I encode a message with an RSA public key and then transmit it over a completely insecure network, is it possible for an attacker to see that the receiver (known by the public key) received a message?
Yes. That's the whole point of using encryption in the first place: for those situations where you know (or at least suspect) that an eavesdropper will see all your messages, but you want the eavesdropper to be unable to determine the content of the messages that they see. If you need to prevent an attacker from knowing a message was sent at all, encryption won't help; you need to use other techniques to hide your messages, such as steganography.

Quote from: Atheros on October 02, 2012, 04:43:03 PM
Is the answer different for ECDSA? Is it different for other public key algorithms?
No, as that's not what encryption does or is supposed to do.

Quote from: Atheros on October 02, 2012, 04:43:03 PM
Next question:
I remember reading something about ECC having a property where one could extract the public key from some other piece of information efficiently and that Satoshi wasn't aware of this property. Could someone remind me of this property?
I have no idea what you're talking about. Wait - extract the public key efficiently? How is that even a problem?
Will pretend to do unspeakable things (while actually eating a taco) for bitcoins: 1K6d1EviQKX3SVKjPYmJGyWBb1avbmCFM4
I am not on the scammers' paradise known as Telegram! Do not believe anyone claiming to be me off-forum without a signed message from the above address! Accept no excuses and make no exceptions!
Atheros (OP)
Sr. Member
****
Offline Offline

Activity: 249
Merit: 251



View Profile WWW
October 03, 2012, 09:29:43 PM
 #3
Quote from: Foxpup on October 02, 2012, 08:22:01 PM
Yes. That's the whole point of using encryption in the first place: for those situations where you know (or at least suspect) that an eavesdropper will see all your messages, but you want the eavesdropper to be unable to determine the content of the messages that they see.

Yes, I do understand that. But I'm not asking about the content of the message. Given only the one message, is it possible for an attacker to see that the receiver received a message if the attacker knows the target's public key?

For example, suppose that the NSA runs every single one of Tor's exit nodes but no other nodes. They can see all exit traffic and only exit traffic. Suppose that Alice sends Bob an RSA encrypted message through an exit node. Can the NSA tell that Bob received a message if the NSA knows Bob's public key? The NSA currently has no reason to harass Alice but if she is sending messages to Bob, they will.

Quote from: Foxpup on October 02, 2012, 08:22:01 PM
Quote from: Atheros on October 02, 2012, 04:43:03 PM
Next question:
I remember reading something about ECC having a property where one could extract the public key from some other piece of information efficiently and that Satoshi wasn't aware of this property. Could someone remind me of this property?
I have no idea what you're talking about. Wait - extract the public key efficiently? How is that even a problem?

It is a problem because it would reveal the public key of the recipient to the public which would reveal that the receiver received a message.
BM-GteJMPqvHRUdUHHa1u7dtYnfDaH5ogeY
Bitmessage.org - Decentralized, trustless, encrypted, authenticated messaging protocol and client.
DannyHamilton
Legendary
*
Offline Offline

Activity: 3388
Merit: 4653



View Profile
October 04, 2012, 02:10:12 AM
 #4
Quote from: Atheros on October 03, 2012, 09:29:43 PM
Is it possible for an attacker to see that the receiver received a message if the attacker knows the target's public key?
Yes. As a matter of fact it is possible for an attacker to see that the receiver received a message even if the attacker DOESN'T know the target's public key.

Quote from: Atheros on October 03, 2012, 09:29:43 PM
Can the NSA tell that Bob received a message if the NSA knows Bob's public key?
As I mentioned, they don't need Bob's public key to know this.

Quote from: Atheros on October 03, 2012, 09:29:43 PM
The NSA currently has no reason to harass Alice but if she is sending messages to Bob, they will.
Fortunately, if they are only running exit nodes (and if Alice is careful to not leak her identity), they won't know that the message came from Alice.  They will only know that Bob received a message, but not who it came from.

Quote from: Atheros on October 03, 2012, 09:29:43 PM
It is a problem because it would reveal the public key of the recipient to the public which would reveal that the receiver received a message.
It is a public key.  it is already "revealed to the public". That's why it is called a "public" key.  Having the public key isn't necessary to know that someone received a message if the message is sent to them.
Etlase2
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000


View Profile
October 04, 2012, 07:45:20 AM
 #5
Quote from: Atheros on October 02, 2012, 04:43:03 PM
If I encode a message with an RSA public key and then transmit it over a completely insecure network, is it possible for an attacker to see that the receiver (known by the public key) received a message?

Is the answer different for ECDSA? Is it different for other public key algorithms?

ECDSA cannot be used to encrypt a message, unlike RSA it is only a digital signature algorithm. Assuming the messaging protocol provides the information of who the message recipient is, then yes they could tell that someone received a message. However, if it is a protocol that makes you check every message to see if it's meant for you, then no, they could not (at least, I don't believe so, but I suppose it is possible that some of the public key encryption schemes could allow you to tell whether or not a message is intended for a certain public key, I am not totally sure on this one).

Quote
I remember reading something about ECC having a property where one could extract the public key from some other piece of information efficiently and that Satoshi wasn't aware of this property. Could someone remind me of this property?

The public key can be extracted from a signature.

Quote from: Atheros on October 03, 2012, 09:29:43 PM
It is a problem because it would reveal the public key of the recipient to the public which would reveal that the receiver received a message.

Public key cryptography is not intended to address this.
Decrits
Atheros (OP)
Sr. Member
****
Offline Offline

Activity: 249
Merit: 251



View Profile WWW
October 04, 2012, 02:16:59 PM
 #6
Quote from: Etlase2 on October 04, 2012, 07:45:20 AM
ECDSA cannot be used to encrypt a message, unlike RSA it is only a digital signature algorithm.

I forgot about that. Thank you for reminding me. I should have said ECC.

Quote from: Etlase2 on October 04, 2012, 07:45:20 AM
However, if it is a protocol that makes you check every message to see if it's meant for you, then no, they could not (at least, I don't believe so, but I suppose it is possible that some of the public key encryption schemes could allow you to tell whether or not a message is intended for a certain public key, I am not totally sure on this one).

Ultimately this is the heart of my question. Thank you for your answers!
BM-GteJMPqvHRUdUHHa1u7dtYnfDaH5ogeY
Bitmessage.org - Decentralized, trustless, encrypted, authenticated messaging protocol and client.
Pages: [1]
  Print  
Bitcoin Forum > Other > Off-topic > Basic encryption questions
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!