Score:-1

How To Read Encryption/Hashing Notation

cn flag

This is very basic, but what I'm wondering is: I have a few notations of hashing/RSA encryption that I'm unsure of when reading.

PKE(PW, K) With PW representing a password, K representing a 128-bit string and PKE representing RSA, how would this be interpreted? Do I combine the string and password then encrypt that or something else?

Same goes for this, ssk = H(K,NB,NA), where ssk is a secret shared key, H is the SHA-1 algorithm, K is the same as above and NB and NA are random 128-bit strings.

I'm trying to code these in Python, and I am quite stuck with the theory behind it.

Bean Guy avatar
in flag
It would be awesome to know where you extracted this information from. But the expression $PKE(PW, K)$ typically means to encrypt the plaintext $K$ with the private key $PW$, which in the context of RSA is $PW = (p, q, \varphi(n))$.
fgrieu avatar
ng flag
@Bean Guy: "encrypt the plaintext with the private key" is incorrect. In asymmetric encryption we want to encrypt with the _public_ key, decrypt with the private key. In asymmetric cryptography we can also sign with the private key, but that's not encryption.
Score:1
si flag

RSA doesn't take a password at all. The notation is simply incorrect.

RSASSA-PSS takes a private key and a message and produces a signature. That signature can be verified by anyone with the signature, the message, and the public key.

RSAES-OAEP takes a public key and a short message (almost always a symmetric key) and encrypts that message (symmetric key) so that only someone with the corresponding private key can decrypt it. This isn't actually done much, since ECDH key exchange is less resource intensive and a bit easier to do safely.

For the second part of your question, it's also incorrect. SHA-1 is not a secure Key Derivation Function, and can't be used to safely produce a shared secret key. A real Key Derivation Function like HKDF or Blake3 takes 2-4 inputs: a length to output (optional, some just output 256-bit values), some Initial Key Material (usually the shared secret that results from an ECDH exchange), a salt (optional, may be generated internally), and a domain-separation value (used to ensure that different operations can have different keys even when there's only one shared secret).

If you want to encrypt messages to recipients' public keys with Python, use Pysodium and the crypto_box methods. If you want to encrypt messages using a password, use the crypto_pwhash method to derive the key and crypto_secretbox methods for encryption using the derived key.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.