[RSA] Find encryption strength of public key

[xor]

Ok, so my original question was how we can determine the size of the key used to create a public RSA key. Through some investigation, I have come up with the following:

Take the following public key for example:

Code: [Select]

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDldB4T/xn8Sf0LQ2V/
RyZOTHBJuSm6otFLYtUky7f9StECAk9t4NxcnGY81icDxlc0HLgBseeG
zwJzzPD2R5gh5bEhf9PP5HEFJihODrNe3eSaiZCtQPVqeao9xUclo4W
l0pP8XfmybU2d0gdJWl9n5ud5cksrCK8xWalKLxpDrQ== www-data


Base64 decode and turn into Hex:


\x00\x00\x00\x07\x73\x73\x68\x2d\x72\x73\x61\x00\x00\x00\x03\x01\x00\x01\x00\x00\x00\x81
\x00\xe5\x74\x1e\x13\xff\x19\xfc\x49\xfd\x0b\x43\x65\x7f\x47\x26\x4e\x4c\x70\x49\xb9\x29
\xba\xa2\xd1\x4b\x62\xd5\x24\xcb\xb7\xfd\x4a\xd1\x02\x02\x4f\x6d\xe0\xdc\x5c\x9c\x66\x3c
\xd6\x27\x03\xc6\x57\x34\x1c\xb8\x01\xb1\xe7\x86\xcf\x02\x73\xcc\xf0\xf6\x47\x98\x21\xe5
\xb1\x21\x7f\xd3\xcf\xe4\x71\x05\x26\x28\x4e\x0e\xb3\x5e\xdd\xe4\x9a\x89\x90\xad\x40\xf5
\x6a\x79\xaa\x3d\xc5\x47\x25\xa3\x85\xa5\xd2\x93\xfc\x5d\xf9\xb2\x6d\x4d\x9d\xd2\x07\x49
\x5a\x5f\x67\xe6\xe7\x79\x72\x4b\x2b\x08\xaf\x31\x59\xa9\x4a\x2f\x1a\x43\xad

  // null padding header \x00\x00\x00
  // length of identifier string \x07
  // identifier string (ssh-rsa / ssh-dss)
  //  ssh-rsa \x73\x73\x68\x2d\x72\x73\x61
  //  ssh-dss \x73\x73\x68\x2d\x64\x73\x73
  // exponent prefix \x00\x00\x00\x03
  // exponent \x01\x00\x01 (65537)
  // modulus prefix (depends on key length, usually 5bytes for >=1024bit)
  //   consists of the length of the modulus
  // modulus (used to determine key size)

So if we break this down:

// Null padding (3 bytes)
\x00\x00\x00


// Length of next string (1 byte)
\x07


// Key type (7 bytes)
\x73\x73\x68\x2d\x72\x73\x61


// Exponent Prefix (4 bytes)
\x00\x00\x00\x03


// Exponent (3 bytes)
\x01\x00\x01


// Modulus prefix (5 bytes)
\x00\x00\x00\x81\x00


// Modulus (128 bytes)
\xe5\x74\x1e\x13\xff\x19\xfc\x49\xfd\x0b\x43\x65\x7f\x47\x26\x4e\x4c\x70\x49\xb9
\x29\xba\xa2\xd1\x4b\x62\xd5\x24\xcb\xb7\xfd\x4a\xd1\x02\x02\x4f\x6d\xe0\xdc\x5c
\x9c\x66\x3c\xd6\x27\x03\xc6\x57\x34\x1c\xb8\x01\xb1\xe7\x86\xcf\x02\x73\xcc\xf0
\xf6\x47\x98\x21\xe5\xb1\x21\x7f\xd3\xcf\xe4\x71\x05\x26\x28\x4e\x0e\xb3\x5e\xdd
\xe4\x9a\x89\x90\xad\x40\xf5\x6a\x79\xaa\x3d\xc5\x47\x25\xa3\x85\xa5\xd2\x93\xfc
\x5d\xf9\xb2\x6d\x4d\x9d\xd2\x07\x49\x5a\x5f\x67\xe6\xe7\x79\x72\x4b\x2b\x08\xaf
\x31\x59\xa9\x4a\x2f\x1a\x43\xad
So if we take the length of the modulus in bytes and multiply it by 8, we can see that the original key was 1024 bit RSA.


This can be confirmed by taking the value of 0x81 from the modulus prefix and comparing the two (0x81 == 129 (0-128)) - 128*8 = 1024

[I_Learning_I]

I'm not 100% sure about what I'm about to say, but as far as I know, any plain static encryption will result in the same number of characters.
I mean, just like MD5 has a specific length so does RSA.
Which means that an RSA encryption of "a" or "skadasndjkasndjknasdjnsjdnaksnd" will result in a different string but with the same length.
Knowing this it's possible to know the encryption method, however if more than one encryption (and I don't mean ENCODED) is applied the whole process of reverse is lost.

Above you mention a base64 decode in a RSA-1024, well, to be honest there's no easy way to know what kind of encryption and encoding has been done, no special chars or pre-fix, the only way is to actually make or find a list that contains a combo of these possibility's.

Unlike with MD5 where you can easily detect a WordPress MD5 due to the prefix which you won't find in a regular MD5 encryption.

So a short answer: It's possible to make a close guess, it's not possible to be 100% sure.