rsa implementation question
Bryan Olson
bryanjugglercryptographer at yahoo.com
Wed Aug 11 21:49:45 EDT 2004
Ajay wrote:
> could you elaborate on that? i thought signing by decrypting is
> the way to do it.
That is how Rivest, Shamir and Adleman originally presented it,
and they did win the ACM's Turing Award for the work, but the
use of 'raw' RSA is full of subtle problems. To understand the
basics, see chapter 11 of the book that Heiko Wundram cited:
(available free on-line)
http://www.cacr.math.uwaterloo.ca/hac/
In you really want to understand the math, I cited some of the
major papers in my response to Wundram. That's beyond the scope
of this group.
If you're implementing, just use a current standard that
cryptologists respect. For basic RSA (en/de)crypt and
sign/verify, PKCS#1 is a fine way to go. As I write this the
current version is 2.1, which is also published as RFC 3447.
--
--Bryan
More information about the Python-list
mailing list