4.1.1 RSA Keys
Connected: An Internet Encyclopedia
4.1.1 RSA Keys
Up:
Connected: An Internet Encyclopedia
Up:
Requests For Comments
Up:
RFC 1423
Up:
4. Asymmetric Key Management Algorithms
Up:
4.1 Asymmetric Keys
Prev: 4.1 Asymmetric Keys
Next: 4.2 Asymmetric Encryption Algorithms
4.1.1 RSA Keys
4.1.1 RSA Keys
An RSA asymmetric key pair is comprised of matching public and
private keys.
An RSA public key consists of an encryption exponent e and an
arithmetic modulus n, which are both public quantities typically
carried in a publickey certificate. For the value of e, Annex C to
X.509 suggests the use of Fermat's Number F4 (65537 decimal, or
1+2**16) as a value "common to the whole environment in order to
reduce transmission capacity and complexity of transformation", i.e.,
the value can be transmitted as 3 octets and at most seventeen (17)
multiplications are required to effect exponentiation. As an
alternative, the number three (3) can be employed as the value for e,
requiring even less octets for transmission and yielding even faster
exponentiation. For purposes of PEM, the value of e shall be either
F4 or the number three (3). The use of the number three (3) for the
value of e is encouraged, to permit rapid certificate validation.
An RSA private key consists of a decryption exponent d, which should
be kept secret, and the arithmetic modulus n. Other values may be
stored with a private key to facilitate efficient private key
operations (see PKCS #1 [11]).
For purposes of PEM, the modulus n may vary in size from 508 to 1024
bits.
Two ASN.1 object identifiers have been defined to identify RSA public
keys. In Annex H of X.509 [8], the object identifier
rsa OBJECT IDENTIFIER ::= {
jointisoccitt(2) ds(5) algorithm(8)
encryptionAlgorithm(1) 1
}
is defined to identify an RSA public key. A single parameter,
KeySize, the length of the public key modulus in bits, is defined for
use in conjunction with this object identifier. When this object
identifier is used with the ASN.1 type AlgorithmIdentifier, the
parameters component of that type is the number of bits in the
modulus, ASN.1 encoded as an INTEGER.
Alternatively, in PKCS #1 [11], the ASN.1 object identifier
rsaEncryption OBJECT IDENTIFIER ::= {
iso(1) memberbody(2) US(840) rsadsi(113549) pkcs(1)
pkcs1(1) 1
}
is defined to identify both an RSA public key and the RSAEncryption
process. There are no parameters defined in conjunction with this
object identifier, hence, when it is used with the ASN.1 type
AlgorithmIdentifier, the parameters component of that type is the
ASN.1 type NULL.
A compliant PEM implementation may optionally generate an RSA
publickey certificate that identifies the enclosed RSA public key
(within the SubjectPublicKeyInformation component) with either the
"rsa" or the "rsaEncryption" object identifier. Use of the "rsa"
object identifier is encouraged, since it is, in some sense, more
generic in its identification of a key, without indicating how the
key will be used. However, to facilitate interoperability, a
compliant PEM implementation shall accept RSA publickey certificates
that identify the enclosed RSA public key with either the "rsa" or
the "rsaEncryption" object identifier. In all cases, an RSA public
key identified in an RSA publickey certificate with either the "rsa"
or "rsaEncryption" object identifier, shall be used according to the
procedures defined below for asymmetric encryption algorithms and
asymmetric signature algorithms.
Next: 4.2 Asymmetric Encryption Algorithms
Connected: An Internet Encyclopedia
4.1.1 RSA Keys
