Given An Elgamel Encryption Scheme With Public Parameters K Pub P A B And An Unk

Given an Elgamel encryption scheme with public parameters kpub = (p, a, B) and an unknown private key kpr = d. Due to an erroneous implementation of the random number generator of the encrypting party, the following relation holds for two temporary keys:

kM,j+1 = k2M,j mod p.

Given n consecutive ciphertexts

(kE1, y1), (kE2, y2),…,(KEn, yn)

to the plaintexts


Furthermore, the first plaintext x1 is known (e.g., header information).

  1. Describe how an attacker can compute the plaintexts x1, x2, …,xn from the given quantities.
  2. Can an attacker compute the private key d from the given information? Give reasons for your answer.
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply