0

Given a public key $(e,n)$, if we are free to choose the plaintext does that mean we are able to generate any possible ciphertext in $Z_n$ ?

Because if we were given $e$ we can say that the decryption key is $e^{-1} = k \mod n$ and then choose the ciphertext we wish to generate, say $c$, perform $c^k$ and that shows that any ciphertext is "reachable" via encryption given a specific key and some plaintext?

Is that correct?

Edit: The question is theoretical so we assume we know both the public and the private key.

kelalaka
  • 49,797
  • 12
  • 123
  • 211
caffein
  • 223
  • 1
  • 7

1 Answers1

3

Given a public key $(e,n)$, if we are free to choose the plaintext does that mean we are able to generate any possible ciphertext in $Z_n$ ?

Yes

Because if we were given $e$ we can say that the decryption key is $e^{-1} = k \mod n$

Not quite; the decryption key (which is traditionally named $d$; I'll leave it $k$ using your terminology) is related to the encryption key as $e \cdot k \equiv 1 \pmod{ \text{lcm}(p-1, q-1) }$, where $p, q$ are the prime factors of $n$, or in other words $e^{-1} = k \mod \text{lcm}(p-1, q-1)$. Other than that detail, you're correct.

and then choose the ciphertext we wish to generate, say $c$, perform $c^k \bmod n$ and that shows that any ciphertext is "reachable" via encryption given a specific key and some plaintext?

That is correct...

poncho
  • 154,064
  • 12
  • 239
  • 382