Score:1

Choice of random in RSA-KEM

mk flag

This may be nit-picking, I’m not sure so feel free to say so.

In RSA-KEM as described e.g. in Wikipedia or this answer, we choose a secret $x : 0 \leq x < n$, and send $x^e \bmod n$ for public exponent $e$.

But isn’t this “textbook RSA”? For example, if $x^e \bmod n < n$ then it won’t wrap, and $x$ can be obtained directly.

Now of course for any normal $n$, the chances of choosing a random $x$ meeting this condition are infinitesmally small. Nevertheless isn’t it technically precise to choose $x: x < n$, $x^e \bmod n > n$ ?

eddydee123 avatar
mk flag
Related questions (but which do not directly address my question) https://crypto.stackexchange.com/questions/53232/rsa-kem-minimal-number-of-random-bits, https://crypto.stackexchange.com/questions/34041/bitwise-method-of-generating-r-for-rsa-kem, https://crypto.stackexchange.com/questions/76089/why-rsa-kem-is-more-secure-than-textbook-rsa
eddydee123 avatar
mk flag
@kelalaka IIUC the answer there is it's mathematically imprecise, but it is indeed nit-picking
eddydee123 avatar
mk flag
@kelalaka So shall I delete my question?
Maarten Bodewes avatar
in flag
No need, it has already been closed; having a dupe may lead other persons looking for the same Q/A to the right answer.
kelalaka avatar
in flag
@MaartenBodewes yes, you are right, however, I did not like the title change of the dupe!
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.