[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNU Crypto] EMSA-PKCS1-v1.5 and Diffie-Hellman key agreement
From: |
Casey Marshall |
Subject: |
Re: [GNU Crypto] EMSA-PKCS1-v1.5 and Diffie-Hellman key agreement |
Date: |
Mon, 18 Aug 2003 19:27:50 -0700 |
User-agent: |
Mutt/1.4i |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, Aug 19, 2003 at 07:22:16AM +1000, Raif S. Naffah wrote:
> On Tue, 19 Aug 2003 12:26 am, Casey Marshall wrote:
> > On Mon, Aug 18, 2003 at 07:16:37AM +1000, Raif S. Naffah wrote:
> > > i finished implementing the above (EMSA-PKCS1-v1.5 as per rfc3447,
> > > and Diffie-Hellman key agreement as per rfc-2631).
> > >
> > > i'd like to add at least one signature scheme (with appendix) for
> > > use with DH keys; any preferences for such a scheme?
> >
> > Not sure what you mean. Pointer?
>
> Diffie-Hellman, like RSA is just a key agreement that allows two parties
> to generate a shared key. EMSA-PSS and EMSA-PKCS1-v1.5 are signature
> schemes with appendix that use the RSA algorithm to generate and verify
> digital signatures. which signature scheme do you need/prefer with
> Diffie-Hellman keys? or is just a DH algorithm for sharing a secret key
> enough for Jessie?
>
SSL just uses two-party Diffie-Hellman for key exchange. It uses RSA
encryption of the concatenation of an MD5 and SHA-1 hash for signatures,
and uses whatever algorithm was used to sign the X.509 certificate to
establish trust. These are the <hash>WithRSAEncryption, usually with MD5
or SHA-1, but MD2 can also be used.
<http://www.ietf.org/rfc/rfc3279.txt> lists the algorithms used.
- --
Casey Marshall || address@hidden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE/QYr5gAuWMgRGsWsRArOdAJ90inniLem8OSo48amClqqZhE9WbwCfToZr
zu7hslN8KbzBUzIC2/mJ6oc=
=n16U
-----END PGP SIGNATURE-----