rsa implementation question
bryanjugglercryptographer at yahoo.com
Thu Aug 12 03:49:45 CEST 2004
> could you elaborate on that? i thought signing by decrypting is
> the way to do it.
That is how Rivest, Shamir and Adleman originally presented it,
and they did win the ACM's Turing Award for the work, but the
use of 'raw' RSA is full of subtle problems. To understand the
basics, see chapter 11 of the book that Heiko Wundram cited:
(available free on-line)
In you really want to understand the math, I cited some of the
major papers in my response to Wundram. That's beyond the scope
of this group.
If you're implementing, just use a current standard that
cryptologists respect. For basic RSA (en/de)crypt and
sign/verify, PKCS#1 is a fine way to go. As I write this the
current version is 2.1, which is also published as RFC 3447.
More information about the Python-list