Skip to content

recover (p, q) given (n, e, d) #1633

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jan 18, 2015
Merged

recover (p, q) given (n, e, d) #1633

merged 4 commits into from
Jan 18, 2015

Conversation

@reaperhulk
Copy link
Member

@reaperhulk reaperhulk commented Jan 18, 2015

@reaperhulk reaperhulk added this to the Eighth Release milestone Jan 18, 2015
alex
alex reviewed Jan 18, 2015
View reviewed changes
docs/hazmat/primitives/asymmetric/rsa.rst
Copy link
Member

@alex alex Jan 18, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note should go after the description IMO.

@jenkins-cryptography
Copy link

jenkins-cryptography commented Jan 18, 2015

Test PASSed.
Refer to this link for build results: https://jenkins.cryptography.io/job/cryptography-pr-experimental/2861/

alex
alex reviewed Jan 18, 2015
View reviewed changes
src/cryptography/hazmat/primitives/asymmetric/rsa.py Outdated
Copy link
Member

@alex alex Jan 18, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should 1000 be extrated into a constant so it's obvious what it means.

Copy link
Member Author

@reaperhulk reaperhulk Jan 18, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure what we should call this. Ideas? It's the base for the candidate number and the value 1000 means we're willing to perform up to 500 iterations (since a += 2 in the loop)

Copy link
Member

@public public Jan 18, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

attempts?

FYI 500 attempts has like a 1 in 1.5 Googol chance of failure.

Copy link
Member Author

@reaperhulk reaperhulk Jan 18, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It does += 2 so 1000 only means 500 attempts. And yeah 2**-500 probability of failure.

Copy link
Member

@alex alex Jan 18, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

_MAX_ATTEMPTS or something?

On Sun Jan 18 2015 at 12:08:39 PM Paul Kehrer notifications@github.com
wrote:

In src/cryptography/hazmat/primitives/asymmetric/rsa.py
#1633 (diff):

  • """

  • See 8.2.2(i) in Handbook of Applied Cryptography.

  • ktot = d * e - 1

  • The quantity d*e-1 is a multiple of phi(n), even,

  • and can be represented as t*2^s.

  • t = ktot
  • while t % 2 == 0:
  •    t = t // 2

  • Cycle through all multiplicative inverses in Zn.

  • The algorithm is non-deterministic, but there is a 50% chance

  • any candidate a leads to successful factoring.

  • See "Digitalized Signatures and Public Key Functions as Intractable

  • as Factorization", M. Rabin, 1979

  • spotted = False
  • a = 2
  • while not spotted and a < 1000:

It does += 2 so 1000 only means 500 attempts. And yeah 2**-500 probability
of failure.


Reply to this email directly or view it on GitHub
https://github.com/pyca/cryptography/pull/1633/files#r23134808.

Copy link
Member Author

@reaperhulk reaperhulk Jan 18, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay, moved it out and added a comment to explain what it is.

@jenkins-cryptography
Copy link

jenkins-cryptography commented Jan 18, 2015

Test PASSed.
Refer to this link for build results: https://jenkins.cryptography.io/job/cryptography-pr-experimental/2863/

@jenkins-cryptography
Copy link

jenkins-cryptography commented Jan 18, 2015

Test PASSed.
Refer to this link for build results: https://jenkins.cryptography.io/job/cryptography-pr-experimental/2866/

@alex
Copy link
Member

alex commented Jan 18, 2015

lgtm, will merge assuming tests+coverage

@jenkins-cryptography
Copy link

jenkins-cryptography commented Jan 18, 2015

Test PASSed.
Refer to this link for build results: https://jenkins.cryptography.io/job/cryptography-pr-experimental/2870/

@coveralls
Copy link

coveralls commented Jan 18, 2015

Coverage Status

Coverage remained the same when pulling 65637eb on reaperhulk:fix-975 into 2ca4a77 on pyca:master.

alex added a commit that referenced this pull request Jan 18, 2015
@alex
Merge pull request #1633 from reaperhulk/fix-975
7b672ca 
recover (p, q) given (n, e, d)
@alex alex merged commit 7b672ca into pyca:master Jan 18, 2015
@reaperhulk reaperhulk deleted the fix-975 branch January 26, 2015 13:31
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 16, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

primitives

Milestone

Eighth Release

Development

Successfully merging this pull request may close these issues.

[RSA] Add functions to recover (p, q) given (n, e, d)

5 participants

@reaperhulk @jenkins-cryptography @alex @coveralls @public