Choice of random in RSA-KEM

eddydee123

4/30/23, 6:57 PM

This may be nit-picking, I’m not sure so feel free to say so.

In RSA-KEM as described e.g. in Wikipedia or this answer, we choose a secret $x : 0 \leq x < n$, and send $x^e \bmod n$ for public exponent $e$.

But isn’t this “textbook RSA”? For example, if $x^e \bmod n < n$ then it won’t wrap, and $x$ can be obtained directly.

Now of course for any normal $n$, the chances of choosing a random $x$ meeting this condition are infinitesmally small. Nevertheless isn’t it technically precise to choose $x: x < n$, $x^e \bmod n > n$ ?

0 + 0

rsa

key-generation

kem

eddydee123

4/30/23, 6:59 PM

Related questions (but which do not directly address my question) https://crypto.stackexchange.com/questions/53232/rsa-kem-minimal-number-of-random-bits, https://crypto.stackexchange.com/questions/34041/bitwise-method-of-generating-r-for-rsa-kem, https://crypto.stackexchange.com/questions/76089/why-rsa-kem-is-more-secure-than-textbook-rsa

eddydee123

4/30/23, 7:03 PM

@kelalaka IIUC the answer there is it's mathematically imprecise, but it is indeed nit-picking

eddydee123

4/30/23, 7:31 PM

@kelalaka So shall I delete my question?

Maarten Bodewes

4/30/23, 8:42 PM

No need, it has already been closed; having a dupe may lead other persons looking for the same Q/A to the right answer.

kelalaka

4/30/23, 11:33 PM

@MaartenBodewes yes, you are right, however, I did not like the title change of the dupe!

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Choice of random in RSA-KEM

TH: การเลือกแบบสุ่มใน RSA-KEM

RO: Alegerea aleatorie în RSA-KEM

RU: Выбор случайным образом в РСА-КЭМ

VI: Lựa chọn ngẫu nhiên trong RSA-KEM

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.