Any one see this Cryptographic?

[winndy]

Quote:

Originally Posted by cbs

Well, not the best way but applicable... only for study!

Yes,sir,It's only for study!

Quote:

Originally Posted by cbs

I've received PM asking which tool by Satoshi Tomabechi to use. Generally PPSIQS is used.
But don't use RSA Tool for large composite numbers. It's too slow. I have tested RSA Tool vs PPSIQS and PPSIQS is approximately 3 (!) times faster. I tried RSA-255/256 many times and on my machine I get factors for a bit more than one hour. RSA Tool requires ~4-5 hours for the same task. RSA Tool is designed for 'playing' with numbers and keys generation And it's much better to use specialized tools for factoring.

I agree with you!I got the factors by PPSIQS in about 1 hour.
But RSAtool is very slow.
I use RSAtool to calculate D.

Quote:

Originally Posted by cbs

BTW I'm not sure if RSA Tool keys generation scheme is secure

Have you look at API Spy Version 2.5,by Vitaly Evseenko?

I downloaded it from programmerstools.
I cracked it,a username could have many keys.
In fact,It uses RSA.
When I search RSA in tut from pediy.com(chinese site),
I found someone has cracked the apis32,and made a keygen.
In the tut,he said it used RSA,and surely it was!
I got a little puzzled.
In RSA,one username has one code.
But i could get two or four ,or more.
Does RSA have collision like MD5?
If so,RSA should not be used on digital signature.

Regards

RSA doesn't have collision, but usually what's encrypted isn't the actual document, it's the hash of the document. Since asymetric crypto is too slow usually they just take a hash of the doc and then encrypt the hash with RSA with private key. Then the end user uses public key to decrypt hash, takes hash themselves of the document, and compares hashes. If they match this means document hasn't been changed. If MD5 (the most common hash) has collision (still very rare I think) then that is why you may see it because possibly they are RSA the hash only.

-Lunar

[winndy]

Quote:

Originally Posted by Lunar_Dust

RSA doesn't have collision, but usually what's encrypted isn't the actual document, it's the hash of the document. Since asymetric crypto is too slow usually they just take a hash of the doc and then encrypt the hash with RSA with private key. Then the end user uses public key to decrypt hash, takes hash themselves of the document, and compares hashes. If they match this means document hasn't been changed. If MD5 (the most common hash) has collision (still very rare I think) then that is why you may see it because possibly they are RSA the hash only.

-Lunar

Thanks for your explanation.
I am still in the mist.
RSA(hash1)=RSA(hash2)
Whether the hash1 or hash2 are MD5 hash is not important.
What's important is that two different hash arrived the same RSA value.

Anyway,I generally agree with you that RSA has no collision.
Maybe when the program apis32 v2.5 checks the regcode,
It is not the standand RSA_Decipher procedure,so I could
got different Regcode for the same username.

You could look at the apis32 v2.5.
And I will provide more keys for the same username.

Regards

What is the needed to use PPSIQS, i am receiving only...

Input number (input 0 to exit)

[SlashZero]

Hey bytescrk,

just input public Modulus in Base10 ... and ... ENTER ... play with ur girlfriend



Bye

Quote:

Originally Posted by winndy

You could look at the apis32 v2.5.
And I will provide more keys for the same username.

I'll have a look at this when I get free minute

Quote:

Originally Posted by Lunar_Dust

If MD5 (the most common hash) has collision (still very rare I think) ...

Agree with you about that RSA itself can't have collisions It can only be a result of collision in hash.
Otherwise you won't be able to read messages encrypted with RSA - because they could have few meanings

What about MD5 - actually now MD5 is definitely not safe (because of this MD5(x)=MD5(y) => MD5(x+z)=MD5(y+z) ). You can check out this article:

Code:

http://www.codeproject.com/dotnet/HackingMd5.asp

Microsoft has even decided to ban MD5:

Quote:

Originally Posted by eweek.com

Microsoft is banning certain cryptographic functions from new computer code, citing increasingly sophisticated attacks that make them less secure, according to a company executive. The Redmond, Wash., software company instituted a new policy for all developers that bans functions using the DES, MD4, MD5 and, in some cases, the SHA1 encryption algorithm, which is becoming "creaky at the edges," said Michael Howard, senior security program manager at the company, Howard said.

Quote:

Originally Posted by bytescrk

What is the needed to use PPSIQS, i am receiving only...

You can also use 'packet factoring', i.e. you can create ppsiqs.in (or whatsoever).
In this file you put all your numbers that you would like to factor in decimal notation (base-10) like this:

Code:

224723992774119006825578513302384489873
156501211667442645087401128910164446481
119399008393514320049994534947283967297
211087890988599145775593649671167343561
222924203035635853575650313518923532737

Then you type

Code:

ppsiqs.exe < ppsiqs.in

and then you will have results in SIQS.LOG