ElGamal Decryption

28 views
Skip to first unread message

Weins, Thorsten

unread,
Jul 28, 2003, 8:12:31 AM7/28/03
to crypto...@eskimo.com
Hello,

I want to decrypt a ciphertext which has been encrypted using the
ElGamal-algorithm. I know the parameters a, b which represent the
ciphertext, the paramter x (private key), the parameter g (Group Generator)
and the modulus p.

I found the functions Decrypt() (from a base class) and the function
SymmetricDecrypt() but they both do not take the ciphertext splitted in a
and b. Does anybody know how to decrypt the message using crypptopp? The
elgamal example in validate2.cpp is not helpful in this case.

Thanks in advance,

Thorsten


Wei Dai

unread,
Jul 29, 2003, 7:57:04 PM7/29/03
to crypto...@eskimo.com
You should avoid ElGamal encryption, because it's not standard, and not
secure against some attacks. Instead, use DLIES.

If you must use ElGamal encryption for some reason, it takes ciphertext
that is twice as long as the prime modulus. The first half of the
ciphertext is a, the second is b.

Weins, Thorsten

unread,
Jul 30, 2003, 5:31:04 AM7/30/03
to crypto...@eskimo.com
Hello,

unfortunately I have to use ElGamal and I still do not know how to use it. I
have tried the follwing:

ElGamalKeys::PrivateKey pk;
RandomPool randPool;

pk.Initialize( clP, clG, clX);
ElGamal::Decryptor clDecrypter(pk);
clDecrypter.Decrypt(randPool, ciphertext, cipherTextLength, plaintext);

Every time I try to decrypt a message I run into an exception called
DL_BadElement. What am I doing wrong?

When do I have to use the method "SymmetricDecrypt()"?

Thanks in advance,

Thorsten

-----Ursprüngliche Nachricht-----
Von: Wei Dai [mailto:wei...@weidai.com]
Gesendet: Mittwoch, 30. Juli 2003 01:54
An: crypto...@eskimo.com
Betreff: Re: ElGamal Decryption

Shawn Masters

unread,
Jul 30, 2003, 8:19:40 AM7/30/03
to crypto...@eskimo.com
Based on your sample code below I have to assume that you have the key
correct as you are using the individual Integer elements. The next
logical question is about the ciphertext. Is it the result of a raw
ElGamal encryption, or was it coded in some manner or fasion? It is
rare to just see ElGamal (or RSA) results just passed around in a raw
format.

73,
Shawn

Weins, Thorsten

unread,
Jul 30, 2003, 8:27:30 AM7/30/03
to crypto...@eskimo.com
I try to decrypt an encrypted session key from PGP which is given as "MPI,
a, MPI, b". I have concatenated a and b so that the ciphertext (512 Byte)is
twice as long as the modulus. The point I am worried about is if I use the
cryptolib correctly. Can you help me?

Thanks,

Thorsten

-----Ursprüngliche Nachricht-----
Von: Shawn Masters [mailto:s...@nfr.com]
Gesendet: Mittwoch, 30. Juli 2003 14:16
An: crypto...@eskimo.com
Betreff: Re: AW: ElGamal Decryption

Reply all
Reply to author
Forward
0 new messages