gnu-crypto-discuss
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNU Crypto] EMSA-PKCS1-v1.5 and Diffie-Hellman key agreement

From: Casey Marshall
Subject: Re: [GNU Crypto] EMSA-PKCS1-v1.5 and Diffie-Hellman key agreement
Date: Mon, 18 Aug 2003 19:27:50 -0700
User-agent: Mutt/1.4i 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Aug 19, 2003 at 07:22:16AM +1000, Raif S. Naffah wrote:

> On Tue, 19 Aug 2003 12:26 am, Casey Marshall wrote:
> > On Mon, Aug 18, 2003 at 07:16:37AM +1000, Raif S. Naffah wrote:
> > > i finished implementing the above (EMSA-PKCS1-v1.5 as per rfc3447,
> > > and Diffie-Hellman key agreement as per rfc-2631).
> > >
> > > i'd like to add at least one signature scheme (with appendix) for
> > > use with DH keys; any preferences for such a scheme?
> >
> > Not sure what you mean. Pointer?
> 
> Diffie-Hellman, like RSA is just a key agreement that allows two parties 
> to generate a shared key. EMSA-PSS and EMSA-PKCS1-v1.5 are signature 
> schemes with appendix that use the RSA algorithm to generate and verify 
> digital signatures.  which signature scheme do you need/prefer with 
> Diffie-Hellman keys? or is just a DH algorithm for sharing a secret key 
> enough for Jessie?
> 

SSL just uses two-party Diffie-Hellman for key exchange. It uses RSA
encryption of the concatenation of an MD5 and SHA-1 hash for signatures,
and uses whatever algorithm was used to sign the X.509 certificate to
establish trust. These are the <hash>WithRSAEncryption, usually with MD5
or SHA-1, but MD2 can also be used.

<http://www.ietf.org/rfc/rfc3279.txt> lists the algorithms used.

- -- 
Casey Marshall || address@hidden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/QYr5gAuWMgRGsWsRArOdAJ90inniLem8OSo48amClqqZhE9WbwCfToZr
zu7hslN8KbzBUzIC2/mJ6oc=
=n16U
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]