[19264] in cryptography@c2.net mail archive


Re: crypto for the average programmer

daemon@ATHENA.MIT.EDU (ericm@lne.com)
Thu Dec 15 11:41:17 2005

X-Original-To: cryptography@metzdowd.com
Date: Wed, 14 Dec 2005 15:34:29 -0800
From: ericm@lne.com
To: "Whyte, William" <WWhyte@ntru.com>
Cc: "Travis H." <solinym@gmail.com>,
	Peter Gutmann <pgut001@cs.auckland.ac.nz>, cryptography@metzdowd.com
In-Reply-To: <9DC3EBEFB87A97498A7D25F130DE27E42069AE@ohthree.jjj-i.com>

On Wed, Dec 14, 2005 at 02:16:10PM -0500, Whyte, William wrote:
> 
> > On 12/14/05, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:
> > > I don't know if there's any site tracking this, but (as the tutorial says) you
> > > can either go with PKCS #1 (the de facto standard, easy to implement and
> > > widely used) ...
> > 

Someone not Peter wrote:

> > Actually, I'm embarrassed to admit this but I've seen PKCS before but
> > never with enough context to know what it was; I thought it was some
> > kind of RSA proprietary mumbo-jumbo.  But, oh dear, it involves ASN.1.
> >  That rules out use by the layperson.  I've run into ASN.1 before with
> > regard to SNMP, and it struck me as infinitely more complex than
> > anything I'd ever need to query packet counts on my router.
> 
> Have a look at PKCS#1. There's hardly any ASN.1 in it at all and
> the structures are relatively simple. There's also a PKCS examples
> document that talks you through it.

An application programmer who is using PKCS1 doesn't even need to
know the small amount of ASN.1 in the spec... libraries that
implement RSA PKCS1 take care of the ASN.1 for the programmer.
There's no need for the consumer of a crypto API to look into the
bigints that make up an RSA key.  Even if you did for some
reason, many APIs I have used don't represent RSA keys at the
API level with the ASN.1, they use their own bigint format.

The part you need to look at is the padding, and even for that
you will be using some library's padding routines, not writing your own.

Eric


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
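
Added example, not part of the message above or of any library mentioned in the thread: the ASN.1 that PKCS #1 uses for a public key is a DER SEQUENCE of two INTEGERs (modulus, publicExponent), so everything a library decodes for you there fits in a short stdlib-only Python parser. The function names and the toy key (n = 3233, e = 17) are constructed for illustration.

```python
# Added illustration: strict decoder for a PKCS #1 RSAPublicKey in DER.
# RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }

def _read_tlv(buf, pos, expected_tag):
    """Return (value_bytes, next_pos) for one definite-length DER element."""
    if pos + 2 > len(buf) or buf[pos] != expected_tag:
        raise ValueError("unexpected tag or truncated input at offset %d" % pos)
    first = buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short form: the byte is the length
        length = first
    else:                                 # long form: low 7 bits = byte count
        nbytes = first & 0x7F
        if nbytes == 0 or nbytes > 4 or pos + nbytes > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        if length < 0x80 or buf[pos] == 0:
            raise ValueError("non-minimal DER length")
        pos += nbytes
    if pos + length > len(buf):
        raise ValueError("element runs past end of input")
    return buf[pos:pos + length], pos + length

def _read_uint(buf, pos):
    """Read one non-negative, minimally encoded DER INTEGER (tag 0x02)."""
    body, pos = _read_tlv(buf, pos, 0x02)
    if not body or body[0] & 0x80:
        raise ValueError("empty or negative INTEGER")
    if len(body) > 1 and body[0] == 0 and not body[1] & 0x80:
        raise ValueError("non-minimal INTEGER encoding")
    return int.from_bytes(body, "big"), pos

def parse_rsa_public_key(der):
    """Return (modulus, public_exponent) from a DER-encoded RSAPublicKey."""
    seq, end = _read_tlv(der, 0, 0x30)    # 0x30 = constructed SEQUENCE
    if end != len(der):
        raise ValueError("trailing bytes after SEQUENCE")
    n, pos = _read_uint(seq, 0)
    e, pos = _read_uint(seq, pos)
    if pos != len(seq):
        raise ValueError("trailing bytes inside SEQUENCE")
    return n, e

# Constructed toy key (far too small for real use): n = 3233, e = 17.
SAMPLE_DER = bytes.fromhex("300702020ca1020111")

if __name__ == "__main__":
    print(parse_rsa_public_key(SAMPLE_DER))
```

This covers only the key encoding; the padding is still the library's job and is not reimplemented here.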
