Security of Public-Key Algorithms Since a cryptanalyst has access to the public key, he can always choose any message to encrypt Eve can generate a database of all possible session keys encrypted with Bob's public key most public-key algorithms are particularl susceptible to a chosen-ciphertext attack In systems where the digital signature operation is the inverse of the encryption operation this attack is impossible to prevent unless different keys are used for encryption and signatures4 Security of Public-Key Algorithms • Since a cryptanalyst has access to the public key, he can always choose any message to encrypt. • Eve can generate a database of all possible session keys encrypted with Bob’s public key. • most public-key algorithms are particularly susceptible to a chosen-ciphertext attack • In systems where the digital signature operation is the inverse of the encryption operation, this attack is impossible to prevent unless different keys are used for encryption and signatures