Sunday, August 20, 2006

How do you use RSA for both authentication and secrecy?

RSA is based upon public key/private key concept.

For authentication one can encrypt the hash (MD5/SHA) of the data with a private key. This is known as digital signature.

And secrecy / confidentiality is achieved by encrypting the data with the public key of the target user.

Generally we dont use RSA for encryption because of key size (1024 bits).
Rather a symmetric session key (128/256 bit) is established between communicating parties and is used for encryption.

No comments:

Post a Comment