Is possible to break the encryption on a password by this encryption?

Ruthie

5/25/23, 1:14 PM

I wonder if it is possible to break the encryption on a password by such encryption:

Where E is the encryption function that uses a known public key of the server.

0 + 0

encryption

public-key

passwords

decryption

Ievgeni

5/28/23, 10:12 AM

Is it homework? What are $k, pwd$, and what does mean <>?

Score:1

Crypto

poncho

5/25/23, 2:27 PM

I wonder if it is possible to break the encryption on a password

No, it is not possible to recover the value of pwd, unless the public key scheme used by the server is weak (or if you also have the server's private key).

Here is the demonstration of that: suppose you did have a method that, given $< E_s(k), k \oplus pwd >$, would recover $pwd$. Then, here is how you could recover the value $x$ given $E_s(x)$:

Select a random $r$
Create the pair $< E_s(x), r >$, and give it to your recovery method
The recovery method would return the value $x \oplus r$.
Since you know $r$, that gives you the original plaintext $x$.

Thus demonstrating that the public key method used by the server was weak.

0 + 0

Ruthie

5/25/23, 2:48 PM

Thank you so much! I have another question, suppose I encrypt in this way: <Es(k1 || k2),k1⊕pwd, k2⊕c> while c is a random string and k1, k2 are constants, is it possible now to recover my pwd?

poncho

5/25/23, 2:55 PM

@רותיכהן: if $k_1, k_2$ are constants (that is, exactly the same for each encrypted password), then it would be possible to deduce the passwords given a list of encrypted passwords; given two encrypted passwords, you'd xor $k_1 \oplus pwd$ and $k_1 \oplus pwd'$, resulting in $pwd \oplus pwd'$; from that, you can deduce the various passwords (by relying on the nonuniformity of user-selected passwords)

Ruthie

5/25/23, 3:05 PM

first, thx again, about the first question now when I'm thinking about it I'm not sure why it is not possible to recover the pwd. I would be gratful for explanation! thank you again!!!

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Is possible to break the encryption on a password by this encryption?

TH: เป็นไปได้ไหมที่จะทำลายการเข้ารหัสในรหัสผ่านด้วยการเข้ารหัสนี้

RO: Este posibil să rupeți criptarea unei parole prin această criptare?

RU: Можно ли этим шифрованием сломать шифрование пароля?

VI: Có thể phá mã hóa trên mật khẩu bằng mã hóa này không?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.