Join Log in
Score:1
donaastor avatar Crypto

Is asymmetric decryption guessable?

br flag
donaastor

I AM an amateur (for some reason, I have originaly written "I am not"... embarassing, sorry) in cryptography so this might be a very basic question.

I am interested to know if there exist ciphers such that if I encrypt a message with it and then lose first say 300 bits then I can't recover any information from the message even if I have the decryption key?

My problem is basically that I don't have any knowledge about existing ciphers and I don't know what to look for on the internet. All I know is that there exists some ciphers with random access read ability so I probably don't want those ones.

96
0 + 0
SEJPM avatar
us flag
SEJPM
That sounds like an All-Or-Nothing transformation.
2
Reply
kelalaka avatar
in flag
kelalaka
A simple modification of CBC can handle this, the IV for each block is the x-or of all previous ciphertext blocks. Though it will be very inefficient.
0
Reply
Maarten Bodewes avatar
in flag
Maarten Bodewes
@kelalaka That's symmetric encryption, asymmetric encryption is asked for in the title.
0
Reply
kelalaka avatar
in flag
kelalaka
@MaartenBodewes do we encrypt with those? It is highly possible that the OP confuses the terms.
1
Reply
kelalaka avatar
in flag
kelalaka
If I read the question again, `I encrypt a message with it and then lose first say 300 bits then I can't recover any information from the message even if I have the decryption key?` I read this as symmetric.
1
Reply
Maarten Bodewes avatar
in flag
Maarten Bodewes
If it literally reads "asymmetric" then it is asymmetric until the OP changes the title. I don't see how you can conclude "symmetric" or "asymmetric" from that piece of text. If any it reads "asymmetric" as it talks specially about a "decryption key". And e.g. RSA-OAEP can certainly be used to "encrypt with those", yes.
0
Reply
Score:3
Maarten Bodewes avatar Crypto
in flag
Maarten Bodewes

I guess most asymmetric schemes fall into this. 300 bits is quite a large chunk. Most schemes randomize, if possibly in a specific domain. For instance, removing 300 bits from a randomized RSA ciphertext would mean that the modular exponentiation would return the incorrect response - if it would execute at all (RSA explicitly requires a ciphertext that is the same size as the modulus size in bytes). Guessing 300 bits of what is essentially randomized data is computationally infeasible.

Note that if you'd use a deterministic scheme then you could try and guess the plaintext message, and then test if it generates the same ciphertext, after which you could decrypt. Generally we don't use deterministic schemes though.

Similarly, if you'd remove the entire ephemeral DH public key within an hybrid IES scheme then the receiver would not be able to calculate the (symmetric) secret used to encrypt the data.

For hybrid encryption an all-or-nothing transform could also be used, as indicated in the comment section.

Beware that there are many protocols and container formats out there. It is very possible that you remove 300 bits or 37 / 38 bytes from those and still be able to decrypt if you miss the actual ciphertext or an important part of header required derive the actual decryption key.

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.