This is related to my previous post, where my only option was to have a RSA algorithm which seemed relatively weak. Let us assume that I want to encode a 35 bit number (From 0 upto 34359738367) with a 36 bit modulo (between 34359738368 upto 68719476735).
Referring to http://en.wikipedia.org/wiki/RSA I can see that my n is between 34359738368 upto 68719476735 a random totient (of the form p-1 * q-1). I pick a random d and e. I encode a number and show that on the UI.
For the purpose of argument let us assume that a user can see upto 1,000 such outputs. Can he use some algorithms like Polla's or anything of the like to crack my d,e or n and thereby start predicting new numbers? If so how hard is it going to be ? (By just knowing say 1000 sets of inputs/outputs)
As an example (consider 6 outputs as sample in input/output format),
- 10001621865,31116156015
- 10001621866,33031668326
- 10001621867,37351399313
- 10001621868,06071714212
- 10001621869,01188523761
- 10001621870,18341011998
Can someone tell me what my n, d, e was? (N between 34359738368 upto 68719476735)
I simply want to know how crackable it is, so if you could give me any information on how long, how fast, how many outputs does one has to see, what algorithms can one use etc. It will be great.
PS: User does not see the "e" like the standard RSA algorithm. He can only see the input output sets.
DETAILS ADDED I am trying to present a sequential user-id from db to the user. Because it is sequential I dont want a user to guess another user's id by doing a few registrations. To avoid this I have to scramble it to a <= 12 digit number. There were lot of constraints around this which were explained in this question .
Also the value of n,d and e is not known to the user. The maximum a user can see is a few input ouput samples (by way of registering repeatedly)
Accepting the answer posted by Accipitridae since the "Jacobi" algorithm can be used to crack this in a matter of few seconds. Without knowing n, e or p.