Cotse - Connected: An Internet Encyclopedia - 4.1.2 MD5/RSA Algorithm Signature Calculation

Church Of The
Swimming Elephant


		Search:


		Online Tools:

Proxy Check

Port Search

File Extention Search

Base Converter

On-Line Testing

Subnet Calculator


		References:

Help Desk

Internet Encyclopedia

Dictionaries

RFC's

ICMP Types

Protocol Numbers

Common Protocols

Multicast Addresses

Ethernet Numbers

Tech Essays

Internet Course

Solaris Information

Misc. References

Command References

Programming


		Downloads:

CGI Scripts

IDS

Vulnerability Scanners

Port Scanners

Network Monitoring

Firewall

Ping

NetBIOS

Password

Packet Tools

Promiscuous Detection

Fingerprinting

Phone

Steganography

HTML

Misc.

Wordlists 1

Wordlists 2

Mini UNIX Distros


		Privacy:

Resources

Web Proxy

Webmail & Usenet


		Contact:

Site Info & Stats

Contact Webmaster

4.1.2 MD5/RSA Algorithm Signature Calculation Connected: An Internet Encyclopedia
4.1.2 MD5/RSA Algorithm Signature Calculation

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 2065
Up: 4. The SIG Resource Record
Up: 4.1 SIG RDATA Format
Prev: 4.1.1 Signature Data
Next: 4.1.3 Zone Transfer (AXFR) SIG

4.1.2 MD5/RSA Algorithm Signature Calculation

For the MD5/RSA algorithm, the signature is as follows

      hash = MD5 ( data )

      signature = ( 01 | FF* | 00 | prefix | hash ) ** e (mod n)

where MD5 is the message digest algorithm documented in RFC 1321, "|" is concatenation, "e" is the private key exponent of the signer, and "n" is the modulus of the signer's public key. 01, FF, and 00 are fixed octets of the corresponding hexadecimal value. "prefix" is the ASN.1 BER MD5 algorithm designator prefix specified in PKCS1, that is,

           hex 3020300c06082a864886f70d020505000410 [NETSEC].

This prefix is included to make it easier to use RSAREF or similar packages. The FF octet is repeated the maximum number of times such that the value of the quantity being exponentiated is one octet shorter than the value of n.

(The above specifications are identical to the corresponding part of Public Key Cryptographic Standard #1 [PKCS1].)

The size of n, including most and least significant bits (which will be 1) SHALL be not less than 512 bits and not more than 2552 bits. n and e SHOULD be chosen such that the public exponent is small.

Leading zeros bytes are not permitted in the MD5/RSA algorithm signature.

A public exponent of 3 minimizes the effort needed to decode a signature. Use of 3 as the public exponent may be weak for confidentiality uses since, if the same data can be collected encrypted under three different keys with an exponent of 3 then, using the Chinese Remainder Theorem, the original plain text can be easily recovered. This weakness is not significant for DNS because we seek only authentication, not confidentiality.

Next: 4.1.3 Zone Transfer (AXFR) SIG

Connected: An Internet Encyclopedia
4.1.2 MD5/RSA Algorithm Signature Calculation


		Cotse.Net

Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details