I have (e, n) = (1d35,c4b361851de35f080d3ca7352cbf372d) and ciphertext = a02d51d0e87efe1de
fc19f3ee899c31d, but my private key has 5 letters unknown like this 53a0a95b089cf23adb5
cc73f07XXXXX(X represents unknown).How can I test through all valid and possible private keys to find meaningful plaintext? Thanks for your help.
I have tried using 5 for-loop to generate all private keys, but having errors because it is not a valid private key. I'm not sure about the reason.
Related
Can anyone help regarding this??
I generated a key in python using jwk using below command and stored in a variable key
key = jwk.JWK.generate(kty='RSA', size=512)
and when i used key.export() it returned the below dict
{'d': 'Z1apo6KRMoS0xyqqTu7lEwZ7f_AON_tve42nSUkwXypMF1rDNj_xgIn9J5I4TvAisUaRYq82uZfYf76eMgj8uQ',
'dp': '4k-hSfYmT8H2zdHVFVQpBD-_w5G9ASSADgKn3F08AAs',
'dq': 'E4fXlCY6oT3yPTnOb3LvLxMtKDPmwoI-FLYbNP2L0-k',
'e': 'AQAB',
'kty': 'RSA',
'n': 'wuALgiButVPQy8bCnSkvU-QlBqYB5pk6rfwlcTr-csc8DOvPzekHJYWPjbP_ptAxSW3r5Bnpac1MDgMQKFjOtw',
'p': '8ZI61ugJ3WblKvY-JfkyWXUcdoGAWQB8B9VcfWRvLuM',
'q': 'zoPN8ItkA_0rf_XobRkjhYIdtoXyOLXCqYSU0i8etR0',
'qi': 'JhXuF6EDTrrPysGzsVhco4hpVsSHCXgS7UGZUISc2Ug'}
can anyone explain what are the keys in this dict like d, dp, dq, e, n, p, q, qi
You generated a JWK (JSON Web Key), a special representation of a key. In your case it's an RSA Key which contains the parameters for the private and the public key.
Please refer to the RFC7517 for the general keys. e.g.
"kty" (Key Type) Parameter
and
RFC7518 for the algorithm specific part.
n and e are the modulus and exponent of the public key, all others are used for the private key. Section 6.3 of the RFC7518 lists all the specific entries of the RSA key:
"n" (Modulus) Parameter
"e" (Exponent) Parameter
"d" (Private Exponent) Parameter
"p" (First Prime Factor) Parameter
"q" (Second Prime Factor) Parameter
"dp" (First Factor CRT Exponent) Parameter
"dq" (Second Factor CRT Exponent) Parameter
"qi" (First CRT Coefficient) Parameter
Im trying to find out what kind of hash encryption this is in javascipt:
function L(j) {
var h = a.pbkey,
g = a.rndnb;
if (typeof f != "undefined") {
var e = f.PBK(h),
d = f.STBUNC(j),
i = f.STBA(g),
c = f.ENC(d, e, i),
b = f.BAT64(c);
return b
} else return ""
}
It hash a phonenumber.Ex: +79645531974
pbkey:'e=010001;m=d06889ab9ea3c9ce9d2e92559d6b2f043ef873f0cc9f858745bc6784d1d9a98f8d354e061d25fad9c3a741c57626d0d65de01eb03584a5af1f579b9f9834a60b628756ad636ec1d3129e87e0c7274670d9ca615f12fe3424e9da362f7f8cce8dfe61d79f5ec68dffe1f3ddcf5e20e1bf07349ee6c747a59b09d6420d131899f93dfaeacd76d6a684cda8ac99e7f87e17507235a2b59b84f56d8a3d4ecdd8259b3c7d892758d69a48930b591e66cc6d88d20a3de9360be30c8a94084a2753c92e0cfd1c94868c90109cd176855bba96cd3e73f34442ddfd256da7f1d1e48fbf265ad2f2caeebe4990ca5638b90b6c3fafa8c015a09947e3f03defc51e231a2f2d'
rndnb:'7fc1cdfea47d0057bbb33176ce73a376f9319d4e221d84807d74ff2f859b510b9fd132e577ed207d96b1d11e57500bff93efe97842248bcbe39527592797b7e3a821110ae61c3da67c2773bcb634c53357fb230ef95297d20c37d256aa8bd75bea315f2d
Result: 4LW/+zyiBBgDExOLPLafO9T/GG3guycSMK3uz16qFcXWgvo1KAF8VrbGrxAE91Mvk6qUDkX8c9ha7urDB41XDAhciBbj2VzE48WXjB/A6gI6n7qcTwkNTPT0Qly1EFRtTF44xTbPEld/OviYhD2OolumbtL42wtnyw1oh4/2v2SyAqARdGJizRhd1UFpWW+OUIcF3eyhKS1R+TDorsOoM/bJQzR6CTSyLysfPJL8ldjG0Ujevac7dT+WvaXFmP3qlsReMP/FSLjs7xixCAA/VrxIRUragoIOf2cptilop5zJNY26DO/iEhUUU7n8ANayrqthplS3v624XR24iM22bg==
The code suggests that it uses 2048 bit RSA encryption (with public exponent 65537) and a randomized padding scheme.
But with only this code it is impossible to solve the whole thing. We need to know what the PBK(), STBUNC(), STBA(), ENC(), BAT64() functions do, otherwise we cannot definitively say anything about what is done here.
However, the input parameters give some suggestions. The pbkey parameter suggests that the encryption is "public-key" based and uses an exponent e = 65537 (a commonly used RSA public exponent). Then it's an easy guess that m stands for "modulus". We could be dealing with either RSA or some logarithm-group crypto (e.g. ElGamal). To get more information we could check if this modulus m is a prime number, turns out it's not. So logarithm-group crypto is off the table and so we are probably dealing with RSA. Notice how the modulus and the output are each 2048 bits, so this checks out.
But we're not done. We also have the rndnb value, which probably means "random number". This suggests that the encryption is not textbook RSA (thank god), but uses some kind of randomization. Possible it uses some kind of standard padding scheme like OAEP.
To get more details we would really need to get the bodies of the functions that are use.
I understand that SQLite does not have data type. But I'm not quite sure if it matters when creating table?
I was trying to generate the CREATE TABLE statement automatically. At the very beginning, I thought I should map the C# data types to SQLite data types until I read the description of storage class. This document confused me a bit, thus I think it's better to ask and correct my understanding.
It says there are 5 storage classes, which are NULL, INTEGER, REAL, TEXT and BLOB. However, it also stated 5 affinities, TEXT, NUMERIC, INTEGER, REAL and BLOB, which doesn't map to the storage classes exactly. i.e., it doesn't have NULL affinity and what will NUMERIC map to in the storage class?
Decimal in C# is a floating point, why it is mapped to NUMERIC affinity? Was that because REAL has 8 bytes max and Decimal has 16? Can SQLite store Decimal precisely as in C#?
Why both Boolean and Decimal are mapped to NUMERIC? Boolean seems take the smallest storage (1 byte or even 1 bit), but Decimal takes much more. If NUMERIC is a single-byte type, it won't be able to store Decimal, or if it is multi-bytes, why don't Boolean mapped to INTEGER? It should be more efficient, shouldn't it? Or, should I completely forget the bytes of data type in SQLite?
Albeit these questions in my head, I tried to map a struct into table. Some sample code can be seen as follows (class/function structure excluded):
public sealed class ScreenInfo {
public int ScreenId;
public string Name;
public int BoundX;
public int BoundY;
public int BoundW;
public int BoundH;
public int WorkingAreaX;
public int WorkingAreaY;
public int WorkingAreaW;
public int WorkingAreaH;
public int BitsPerPixel;
public bool IsPrimary;
public Rectangle Bounds {
get { return new Rectangle(BoundX, BoundY, BoundW, BoundH); }
set { BoundX = value.X; BoundY = value.Y; BoundW = value.Width; BoundH = value.Height; }
}
public Rectangle WorkingArea {
get { return new Rectangle(WorkingAreaX, WorkingAreaY, WorkingAreaW, WorkingAreaH); }
set { WorkingAreaX = value.X; WorkingAreaY = value.Y; WorkingAreaW = value.Width; WorkingAreaH = value.Height; }
}
}
StringBuilder sb = new StringBuilder();
sb.Append("CREATE TABLE `Screens` (`id` INTEGER PRIMARY KEY AUTOINCREMENT");
var fields = typeof(ScreenInfo).GetFields();
foreach (var f in fields) {
sb.Append($", `{f.Name}` {Type.GetTypeCode(f.FieldType).ToString()}");
}
sb.Append(");");
The code above generates the following SQL statement. Although String and Int32 are not typical SQL data types, it seems to be working fine.
"CREATE TABLE `Screens` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `ScreenId` Int32, `Name` String, `BoundX` Int32, `BoundY` Int32, `BoundW` Int32, `BoundH` Int32, `WorkingAreaX` Int32, `WorkingAreaY` Int32, `WorkingAreaW` Int32, `WorkingAreaH` Int32, `BitsPerPixel` Int32, `IsPrimary` Boolean);"
If the struct does not contain a field named id (otherwise it will conflict with the primary key), will it cause any other potential problems in the SQLite database?
Thanks in advance!
SQLite does have data types, it just uses dynamic typing, i.e., it does not restrict the types that can be inserted into a column.
Affinities are not storage classes; they describe the type that a column 'wants' to be. Therefore, there is no NULL afinity.
The NUMERIC affinity maps to either INTEGER or REAL, whatever is more efficient.
SQLite has no decimal type.
SQLite's storage classes are types, but the actual way how values are stored in the database is different. Integers can be smaller than 8 bytes, and booleans take 0 bytes.
Writing a column type as Int32 does not make it any different from any other type that maps to the INTEGER affinity; it would be useful only for documentation.
This is a RSA private key :
<BitStrength>4944</BitStrength>
<RSAKeyValue>
<Modulus>vqZ07gIBoLEzJZHhNYj3WSt9F5iw/Klr/hb22Q8YT5NivYS8UpuzteNHpE7u0pk4Izcto4fqtqPHFpXxzhpswtCwOO7czabK/8B+im6T6aRHSSbZXB59NPxj883BS04F1/zziwPj84Ez+/t1ckrK8O/Gbo8DOr4UPQ3CDoDw4gAQpNe4H48zfGV42WIOQjm00DHOhgpFpZaYapXjDz3KfbdY+p4y1R0Yt4eNViRmvQ2jBPIeXVZACC3Ef3J0TCTWne+1Y4gCfMl0z+4hkE1XZpPiDxt2BR46GYU+NwsrI82pIJ6Bigj51jYpgPE4uQBmjYylY/HTJw4b6N45MuljWFuaxOrDHaHdskhSGUS+fAzp5KXh1xsRdzXysv6uliPU3BmgNsM0Av5Gm4EnVoeqjeC/0G3dLoIJi//IqBCNGOfV8sSo/Y6JNGZoAlE6KT101Q89ClrJyHVoZCbU3qVg9F6tPCorn9+UH9rEKQbABpMMjBM3H2MFuiUlvDWlatP+VH1WugKInlP3b20cINGs+Z5obUYcnAiZ8Dj5WN+OVOZH2nqG3X/Hl+V/87kAVhl1lb1gkDzl53aJ+CgmKJ8GRNdxhtV0xmfewrGxhVdWR3qszY05O1GH914tD0viDXgGDIq6ZyHm78XKQQ6eztdfxT/pNi4Dmtd49vyjSjseEa8uMn/KjvePIBJ02pweSo7tkROptAENE+MWSANdH89NU06tOC+bQ57TaVD2AKvlo8nZudshMrBMXRsUYTsy0kRnFvjPw4U2EUz3rfNLabela1OS1gR8QvPaFBf+mxxJgk002xPgSAdhVRiv</Modulus>
<Exponent>AQAB</Exponent>
<P>8RUZbaB91ve478Jam2QjOWooTrvtaOzoe6hygPA8E6GlEqwryGg2180lUUoM+RdFTgmKvxaLyV7Xg4RZHD0vWYmE4VT/ChulT52qn8IPgIV1O+F67EVh4ovVCx/vXEiDCLpzWRgyMr8VazsM71xmLi8N5+3esFNcdoFk7a+7odVC5xIAK8N/BiXu+PVYeai4begJTvXtK1bFFr7TQCmC6JUp84/dFCoNIyMHjVFYuz2Td8D3quxjPRaj+fnjYtce92JD0v5rkfmYTSFt2EbZKkdMJpS7MeDmFErOUDSYVOdu7CbmlVbXcD6QbSC2RbX/fbyTWwyAti3JSJ+WzUbrnp9olXEcldMt7Z8okT2Y9apxmKNYibq0XN+JPhdBlk1EffhRiCGHfFAsNME85dvRI0naJMxD</P>
<Q>ynJ6nUraqvWP178eFFbrY//r274r59ckV/4/TFd/vlxPjLR4XpRgM16o/rrIyjDqko5MCm4f0LYZoNfe/6/Xz1WsbfuFCcp+SdFrVFDjE4rzszys25/fum4TcsSbmsQflNY108QD0Mf+6xBsuVlWh8WWXKim0aplVF6tEiz3bMEWWjTM5Wuv65hEO9V6q+BNJ+j3VqZdVBPKKqnyxxK84zFXec8JqGqYo2qxFEahunagv0hm5sCLerv3GcBAy719q43eecwHfIEgNuAFoMLr4R/IFMLPy31CQHMalFRazfu4CZoIwDkDVZHfACHDoLR+91LbMG/UZhRnv0YZ9+fFajINxTPkgIvLwaf624yZ2DOF8h+Aor5evHZ00/iD6AP0kogjd0JlXTvVVL2R8VeGowfkHnEl</Q>
<DP>oTHmarKg8Zd5hHaDdtsh4kXk5aAqQboGSIh851G6GbY/VZjhPYLRCMIWbaABxJuWr3MZ3mMI3IAZwcpAeu0+N7QHsVLPpMaPZgiaCXAMRXb2yC8frdNGe9/bdzDHLwEc/D0O20eeaOfzPluhbnptp/u2ZJlcCLH0ZRhnj7Ws06xwq2gRzTFOQaIjgzspCU+S4YoAj1dIWW4PIgI95ezbpv/1qPFMdSsY1aGabxcxKSEm9S+Fajfcsv/sbDx1maUVA3wktXOAIX6uIwRzGeVlVyuM808HS3aA4JiUEnTYVgzY0fXAv6HtMxPiJdV1im8CgeQQ8xQNC8LZj0GF54PAD7Oujh2va05kqzl8OoDhQYHRqqmtjYnVBzQ/49BQ/lpzrXbXrRoeKTTCGhQKz/aGg/3hajFZ</DP>
<DQ>TOlFD/DaNkzoguyGvu9uqiUWM/uBrqiblBpxbc1oKKflSO1fNX9lNN7nkS7hDX+b/mW1GdlQmPg1sFeSzsy9TnWb9oSxvFCDvgOjpPq96jTF9Pg+K4oHc0pSdS2geCG+Zcsj0/oKAQ2aGS+6PohkSVyVjUo9ZjY4HN+DHP6cWWLZ3RdmKFrLENReR+UIn7etWFY3cWHu3vxNt/us0liaDi42r34qiyNELgFgmPVkh/R9iW42OcA4vT4f2Fajx0OMNNrHBLqwtWpRFMfzG2oyNureFpUUYJiLzPRtyqBphwv0lSFB5dVDIQU0FVa+fZVVDx0ZTMOPi+CAsbguMXKKG5g8hwj57KQvmrj4ouQ9plecsamqMynjz/Go3MbzRfgKuIikALDm1Y7fszv58BhyfAmJbs9J</DQ>
<InverseQ>3awPjKSwbmVsn+Ip7nwwSRgJHJhHBqr/KmT7NBv9cOAFXEaz9v7VmhSLU3GZcfHi9J0gTa/2POCd5X3IT5bEtf42jDgfP39vGDqc8liWOZG2Ha7Y/TteIO9REAIy7tTPdWWG0TyBVQah4eC0A9KS9GDR1cLL0wdky38ppNwZT3V1kzgBoow1Agea44rM+tgUIZtrPxtHHBNFgX2Mkbn3CZKg1Qpe98GjIGEkZhwMM3RfYo0uW732t908gDNBaMY5S5+ixr3XZfph9wJZiq1JUwMhMPa8gGTLiRNm6rDlNimgaAv3iBnGCZhSdX11bbj5qQrM17wDqyOyk44ywt1T9SW9K6Tode57pUoxVB9XkOLHCnx6of371xx5bhZ4l9NIbdLldfj1CI4bSOMqN/r7UZ96upoJ</InverseQ>
<D>VieCz8u4UJXDN0clLrwmivVMIk2uLX+ifcCC7LQVmGBSTrKdJ/eUzq1Wwrmo0yLKa5+T0EKrnr2ESoCYNTtbyu3jtNa8kXK+abTjekteLEdAr54Ou8JLcpZb1OE2aIFpwqFcrYWkjXXluAl6mZuS+i5gzbVzECi1nKGLAGLkeDzvSI7zdc+QxLZWVmYpa2QIgc0ANzKNJrdXSVNSuKCD0Sv52ceD0SrE8KshA7yPcP+om6OOdT900D1efvmJ9J7xHY4lukTMWvfvAcfrAvrwdDp//bO7MbTnLIE6DEXPyO43b7Yxc996h4MSXmKj73Zu4aidVP0DHrMRibpivs8ZReSfnD06zzlGpjpoX2Lhcc2kJN+Rn1NsISMP+jN9Ufv/RTePXy/3YSLnZX6H+GJ2gIcAJ4B9mwfz8dD6nUFyrhZELvc3/Bp9iW5wYWwbAIKQwAM4MfBBo77ur3VXWymlSwAOj2IQEfCpb0qY7n/3reJ5PfUD17LbWyuboiPL1oRzPp7VgxBXoSYAIQUTimEHOaJUogh3SLeK5b4Vx4ukFZp/c54qfJQz8oHOS3cCXIgiqKhPwDczeCY6h2Ya0YHn32jUacPQu3RyC1KQq+zEQ8nzL8uH7RA2dEYX0Wlco+9d7OamNsQL78+2GhtbKAvPlymMUFLSZVT1pRPpGBdpzQylRQpAk6PG5XZSGNjXPa6nHhHRTuLkCtoEH6xzS5gRTtRUnK8mxXGnc1eTHaVnKMuCdo82YLWCoLobHclHSLiKy20lIR3i84mXH4vLxwdaSMyLDwbDZxkepKx7Ga3J2HXtQ/NDvNoIRxmB</D>
</RSAKeyValue>
It contains couple of elements (Modules, Exponent, P, E, DP, DQ, InverseQ, D)
I read somewhere that the main element of a RSA private key is D.
But I want to know which parts of these elements should be secret and which parts can be publicly shared ? (Means there's no security problem if it be shared)
Thanks
From Wikipedia:
The public key consists of the modulus n and the public (or encryption) exponent e. The private key consists of the modulus n and the private (or decryption) exponent d, which must be kept secret. p, q, and φ(n) must also be kept secret because they can be used to calculate d.
This means that that you are correct. D is the most important part, but because 'd' can be found from other information (p,DP,DQ, InverseQ) they too should also be kept secret. The modulus and exponent form the public key.
source: http://en.wikipedia.org/wiki/RSA_(cryptosystem)
What's the algorithm for creating hash (sha-1 or MD5) of an RSA public key? Is there a standard way to do this? Hash just the modulus, string addition of both and then take a hash? Is SHA-1 or MD5 usually used?
I want to use it to ensure that I got the right key (have the sender send a hash, and I calculate it myself), and log said hash so I always know which exact key I used when I encrypt the payload.
Based on the OpenSSH source code, the way that a fingerprint is generated for RSA keys is to convert n and e from the public key to big-endian binary data, concatenate the data and then hash that data with the given hash function.
Portions of the OpenSSH source code follows. The comments were added to clarify what is happening.
// from key_fingerprint_raw() in key.c
switch (k->type) {
case KEY_RSA1:
// figure out how long n and e will be in binary form
nlen = BN_num_bytes(k->rsa->n);
elen = BN_num_bytes(k->rsa->e);
len = nlen + elen;
// allocate space for n and e and copy the binary data into blob
blob = xmalloc(len);
BN_bn2bin(k->rsa->n, blob);
BN_bn2bin(k->rsa->e, blob + nlen);
...
// pick a digest to use
switch (dgst_type) {
case SSH_FP_MD5:
md = EVP_md5();
break;
case SSH_FP_SHA1:
md = EVP_sha1();
break;
...
// hash the data in blob (n and e)
EVP_DigestInit(&ctx, md);
EVP_DigestUpdate(&ctx, blob, len);
EVP_DigestFinal(&ctx, retval, dgst_raw_length);
From the BN_bn2bin manual page:
BN_bn2bin(a, to) converts the absolute value of a into big-endian form and stores it at to. to must point to BN_num_bytes(a) bytes of memory.