How could a temporary RSA key be verified when it was signed with a public key affected by crypto export restrictions?

Asked 2 years ago, Updated 2 years ago, 150 views

I don't know where to downgrade the key due to the FREAK attack.
It seems that the public key is going to be downgraded, but

Q1. Is it a server-only attack with a weak public key in advance because the public key requires the signature of a certificate authority?

I thought, but according to Glorious factorization: How FREAK attacks work,

A1. Attack on server's ability to create temporarily vulnerable public keys

It seems so. But here's another question:

Q2. How do clients authenticate temporary public keys?

That's what it means.
If you look at Glorious factorization: How FREAK attacks work above, it says that the server will sign and send with the server's (non-vulnerable) public key, but I don't think the client will accept it.

A2 (guess). The server sends both non-vulnerable and vulnerable public keys, and the client validates them in two stages

Is that so?
Then you can do more

Q3. How do I use a non-vulnerable public key to verify a vulnerable key when export restrictions prevent me from handling a non-vulnerable key?

There is a question that

A3 (guessing). It was a key for encryption, and it was not a key for signature

Is that so?

security ssl openssl

2022-09-30 19:21

1 Answer

I think it's about right. In a nutshell, the regulations were only used as ciphers and signatures were fine.

A1. FREAK attacks use SSL protocol vulnerabilities and unqualified client implementations. Only a strong key is signed to the Certificate Authority, providing a temporarily created weak key if a client under export restrictions requires a weaker key (rewritten to request a weak key from the middleman in a FREAK attack).

A2. The weak key is signed with a strong private key signed by the certificate authority. This signature can be verified with a strong public key.

A3. Export restrictions are only used as encryption of high-bit RSA and do not include signatures, so you could sign them with bits of the size that would otherwise be restricted (source is linked: 22(d) Cryptographic Algorithms).

As for why regulations are only used for cryptography, I couldn't find anything written on it, so it's my idea from here on out, so the reason may be wrong.
In RSA, public and private keys are mathematically reversed, such as addition and subtraction. So when you create a key pair, you can use either of the keys as a public key, and if you use both keys in any order, the output will be the same as the input.
This is what we apply to be able to encrypt and sign in one pair.

  • When encrypting, encrypt with a public key and decrypt with a private key (only people with private keys can read).
  • Use a private key when signing and a public key for verification (only people with private keys can sign).

Now, if you compare the processing of a signature to the processing of a cipher, the confirmation of the signature is the decryption of the cipher. There is no reason to be regulated because the data is published (RSA's algorithm is published in a paper, so anyone who can write programs could write software that uses high bits).


2022-09-30 19:21
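The check described in A2 and A3, as an added example that is not part of the original answer: the server signs the temporary weak key with its strong private key, and the client verifies using only the strong public key from the certificate. It is simplified (textbook RSA over SHA-256, not TLS's real padding or message encoding); the keys are constructed from well-known primes and all function names are hypothetical.

```python
import hashlib

E = 65537

def make_key(p, q):
    """Return (n, e, d) for textbook RSA built from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return n, E, pow(E, -1, phi)

# Constructed keys from well-known primes: illustration only, not secure.
STRONG = make_key(2**521 - 1, 2**607 - 1)           # long-term key in the CA-signed certificate
TEMP = make_key(2**255 - 19, 2**256 - 2**32 - 977)  # roughly 512-bit temporary export key

def encode_params(n, e):
    """Length-prefixed modulus and exponent of the temporary public key."""
    out = b""
    for value in (n, e):
        raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
        out += len(raw).to_bytes(2, "big") + raw
    return out

def digest(client_random, server_random, params):
    """Hash of what gets signed: both hello randoms plus the temporary key."""
    h = hashlib.sha256(client_random + server_random + params).digest()
    return int.from_bytes(h, "big")

def server_key_exchange(client_random, server_random):
    """Server side: sign the weak temporary key with the strong PRIVATE key."""
    n, _, d = STRONG
    params = encode_params(TEMP[0], TEMP[1])
    sig = pow(digest(client_random, server_random, params), d, n)
    return params, sig

def client_verify(client_random, server_random, params, sig, cert_pub):
    """Client side: only the strong PUBLIC key (n, e) is needed to verify."""
    n, e = cert_pub
    return pow(sig, e, n) == digest(client_random, server_random, params)

if __name__ == "__main__":
    cr, sr = bytes(32), bytes(range(32))  # constructed hello randoms
    params, sig = server_key_exchange(cr, sr)
    print("temporary key bits:", TEMP[0].bit_length())
    print("signature valid:", client_verify(cr, sr, params, sig, STRONG[:2]))
    forged = params[:-1] + bytes([params[-1] ^ 1])
    print("altered key accepted:", client_verify(cr, sr, forged, sig, STRONG[:2]))
```

The client never encrypts anything with the strong key here; it only runs the public-key operation to check a signature, and the weak temporary key is the one later used for encryption.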
