LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

True or false: "EC security is based on a one-way function WITH trapdoor (like RSA)."

False — EC security is based on the discrete logarithm problem, which is a one-way function WITHOUT trapdoor. Unlike RSA, nobody has a secret shortcut — the problem is hard for everyone.

Comparison: RSA is one-way WITH a trapdoor (knowing p,q makes inversion easy), while EC/DLP is one-way WITHOUT a trapdoor (hard for everyone)

* RSA hides a trapdoor — the factorisation $p,q$ — that makes inversion easy for its owner; the discrete log has no such shortcut, so $k$ is hard to find for everyone. *

The distinction:

  • RSA: One-way function WITH trapdoor. Computing $m^e \mod N$ is easy; the inverse (e-th root) is hard WITHOUT knowing $p,q$ but easy WITH knowing $p,q$
  • EC/DH/ElGamal: One-way function WITHOUT trapdoor. Computing $k \cdot P$ is easy; finding $k$ from $P$ and $k \cdot P$ is hard for EVERYONE — there is no secret shortcut

How EC crypto works without a trapdoor:

  • ECDH: Both parties contribute randomness → shared secret emerges without either solving the hard problem
  • EC ElGamal: Message is masked with ephemeral key → receiver uses their secret exponent to reconstruct the same mask
  • ECDSA: Signature is constructed so verification requires only public parameters

This is the same fundamental distinction that separates RSA (factoring-based) from all discrete-log-based schemes (DH, ElGamal, DSA, Schnorr, ECC variants of all these).

Go deeper:

From Quiz: KRYPTOG / Elliptic Curve Cryptography | Updated: Jul 14, 2026