Since everyone until now has simply defined what a hash function was, I will bite. A one-way function is not just a hash function — a function that loses information — but a function f for which, given an image y (“SE” or 294 in existing answers), it is difficult to find a pre-image x … Read more
In practice and with respect to security, no, mathematically, yes. If you have a private key (N, D), there is algebraically an infinite number of solutions to the equation 1 = E*D (mod Phi(N)). However, if you make two such solutions (E, N) and (E’, N) that both satisfy the equation public, you will have … Read more
There is no security hole by sending the IV in cleartext – this is similar to storing the salt for a hash in plaintext: As long as the attacker has no control over the IV/salt, and as long as it is random, there is no problem.
The size of a RSA key is expressed in bits, not bytes. 2048 bits are 256 bytes. A bare-bone RSA private key consists in two integers, the modulus (a big composite integer, its length in bits is the “RSA key length”) and the private exponent (another big integer, which normally has the same size than … Read more
RSA doesn’t pick from a list of known primes: it generates a new very large number, then applies an algorithm to find a nearby number that is almost certainly prime. See this useful description of large prime generation): The standard way to generate big prime numbers is to take a preselected random number of the … Read more
To Generate Private Key openssl genrsa -out privatekey.pem 2048 To Sign openssl dgst -sha256 -sign privatekey.pem -out data.txt.signature data.txt To Generate The Public Key dgst -verify requires the public key openssl rsa -in privatekey.pem -outform PEM -pubout -out publickey.pem To Verify openssl dgst -sha256 -verify publickey.pem -signature data.txt.signature data.txt In case of success: prints “Verified … Read more
openssl dgst -verify foo.pem expects that foo.pem contains the “raw” public key in PEM format. The raw format is an encoding of a SubjectPublicKeyInfo structure, which can be found within a certificate; but openssl dgst cannot process a complete certificate in one go. You must first extract the public key from the certificate: openssl x509 … Read more
The wikipedia article is a bit difficult to understand. In a nutshell, you can think of a Rainbow Table as a large dictionary with pre-calculated hashes and the passwords from which they were calculated. The difference between Rainbow Tables and other dictionaries is simply in the method how the entries are stored. The Rainbow table … Read more
(Expanding more than I feel is appropriate for an edit.) PKCS1, available in several versions as rfcs 2313 2437 3447 and 8017, is primarily about using the RSA algorithm for cryptography including encrypting decrypting signing and verifying. But since crypto is often used between systems or at least programs it is convenient to have a … Read more
What you describe is called a collision. Collisions necessarily exist, since SHA-1 accepts many more distinct messages as input that it can produce distinct outputs (SHA-1 may eat any string of bits up to 2^64 bits, but outputs only 160 bits; thus, at least one output value must pop up several times). This observation is … Read more