Score:0

Is there a way to modify an existing RSA key pair so that the functionality remains?

br flag

I have an existing RSA key pair, how to 'derive' a different key pair based on the existing one so that the encryption decryption functionality remains but the original key isn't interchangeable with the 'modified'/'derived' key?

fgrieu avatar
ng flag
By _"the encryption decryption functionality remains"_ do you mean that we can decrypt with the new private key what was encrypted with the old public key? Or that we can decrypt with the new private key what was encrypted with the new public key? In the later case, what's wrong with generating a new key pair from scratch, and perhaps certifying the new public key with RSA signature using the old private key?
Felix avatar
br flag
"we can decrypt with the new private key what was encrypted with the new public key" for instance if i don't have a good entropy source or computational ability
poncho avatar
my flag
If you have enough computational ability to find new primes, it's easy (feed the private key into a drbg as a seed, and use that to search for the new primes). If you don't, well, you're pretty much stuck with the modulus you already have, and that (as fgrieu notes) doesn't give you PFS.
Score:0
ng flag

One method that does what's asked is to turn the public key $(n,e)$ into $(n,e')$ with $e'=e^2$, and the private key $(n,e,d,p,q,d_p,d_q,q_\text{inv})$ to $(n,e',d',p,q,d_p',d_q',q_\text{inv})$ [or $(n,d)$ to $(n,d')$ ] with $d'=d^2$ or $d'=d^2\bmod\operatorname{lcm}(p-1,q-1)$, $d_p'=d_p^2\bmod(p-1)$, and $d_q'=d_q^2\bmod(q-1)$.

This is not recommendable. In particular, should the old private key leak (including in the future), so does the new one. And encryption requires nearly twice as much time. Also, there are strange properties (like double textbook RSA encryption/decryption with the old key pair is equivalent to textbook RSA encryption/decryption with the new one).

Instead, the recommendable procedure is to generate a new key pair from scratch, and use the original key to sign (a certificate of) the new public key.

cn flag
Or use something based on dlog, where such derivations are usually possible and result in uniformly distributed keys.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.