Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!rutgers!princeton!allegra!ulysses!mhuxt!ihnp4!ihlpf!stewart From: stewart@ihlpf.UUCP Newsgroups: sci.crypt Subject: Re: Security of RSA and factoring Message-ID: <937@ihlpf.UUCP> Date: Tue, 13-Jan-87 15:16:50 EST Article-I.D.: ihlpf.937 Posted: Tue Jan 13 15:16:50 1987 Date-Received: Wed, 14-Jan-87 23:03:42 EST References: <9041@duke.duke.UUCP> <4205@columbia.UUCP> <9054@duke.duke.UUCP> Organization: AT&T Bell Labs, Naperville, IL Lines: 22 >> What is true is that the >> only known method of breaking RSA involves factoring huge numbers, but >> that is not to say that there is not some other undiscovered method. > The point about RSA is that if you can break the code, you can get > the factorization of the key (this is easy to do). Therefore, it is > obviously equivalent in difficulty to factoring. (i.e., you can set > up a "fake" RSA scheme using the number to be factored, break RSA, and > then you have the factorization of the number -- so while you don't > necessarily have to be able to factor a number to break RSA, the problems > have the same difficulty. Make sense?) It's not this easy. You need the factors of your prime to generate the RSA keys. This prevents you from setting up the "fake" RSA scheme to get the factorization. Even if you could set up a fake RSA scheme, it might still be possible to break it without factoring the composite number. RSA is no *more* difficult than factoring, but it still might be *less* difficult. Bob Stewart ihnp4!ihlpf!stewart