PKCS #1: RSA Encryption Version 1.5
RFC 2313
| Section | Field | Value |
|---|---|---|
| Document | Type | RFC - Informational (March 1998; No errata). Obsoleted by RFC 2437. Was draft-hoffman-pkcs-rsa-encrypt (individual) |
| | Author | Burt Kaliski |
| | Last updated | 2013-03-02 |
| | Stream | Legacy |
| | Formats | plain text, html, pdf, htmlized, bibtex |
| Stream | Legacy state | (None) |
| | Consensus Boilerplate | Unknown |
| | RFC Editor Note | (None) |
| IESG | IESG state | RFC 2313 (Informational) |
| | Telechat date | |
| | Responsible AD | (None) |
| | Send notices to | (None) |
Network Working Group                                        B. Kaliski
Request for Comments: 2313                        RSA Laboratories East
Category: Informational                                      March 1998

PKCS #1: RSA Encryption Version 1.5

Status of this Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1998). All Rights Reserved.

Overview

This document describes a method for encrypting data using the RSA public-key cryptosystem.

1. Scope

This document describes a method for encrypting data using the RSA public-key cryptosystem. Its intended use is in the construction of digital signatures and digital envelopes, as described in PKCS #7:

   o  For digital signatures, the content to be signed is first reduced to a message digest with a message-digest algorithm (such as MD5), and then an octet string containing the message digest is encrypted with the RSA private key of the signer of the content. The content and the encrypted message digest are represented together according to the syntax in PKCS #7 to yield a digital signature. This application is compatible with Privacy-Enhanced Mail (PEM) methods.

   o  For digital envelopes, the content to be enveloped is first encrypted under a content-encryption key with a content-encryption algorithm (such as DES), and then the content-encryption key is encrypted with the RSA public keys of the recipients of the content. The encrypted content and the encrypted content-encryption key are represented together according to the syntax in PKCS #7 to yield a digital envelope. This application is also compatible with PEM methods.

The document also describes a syntax for RSA public keys and private keys. The public-key syntax would be used in certificates; the private-key syntax would be used typically in PKCS #8 private-key information. The public-key syntax is identical to that in both X.509 and Privacy-Enhanced Mail. Thus X.509/PEM RSA keys can be used in this document.

The document also defines three signature algorithms for use in signing X.509/PEM certificates and certificate-revocation lists, PKCS #6 extended certificates, and other objects employing digital signatures such as X.401 message tokens.

Details on message-digest and content-encryption algorithms are outside the scope of this document, as are details on sources of the pseudorandom bits required by certain methods in this document.

2. References

FIPS PUB 46-1  National Bureau of Standards. FIPS PUB 46-1: Data Encryption Standard. January 1988.

PKCS #6  RSA Laboratories. PKCS #6: Extended-Certificate Syntax. Version 1.5, November 1993.

PKCS #7  RSA Laboratories. PKCS #7: Cryptographic Message Syntax. Version 1.5, November 1993.

PKCS #8  RSA Laboratories. PKCS #8: Private-Key Information Syntax. Version 1.2, November 1993.

RFC 1319  Kaliski, B., "The MD2 Message-Digest Algorithm," RFC 1319, April 1992.

RFC 1320  Rivest, R., "The MD4 Message-Digest Algorithm," RFC 1320, April 1992.

RFC 1321  Rivest, R., "The MD5 Message-Digest Algorithm," RFC 1321, April 1992.

RFC 1423  Balenson, D., "Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers," RFC 1423, February 1993.

X.208  CCITT. Recommendation X.208: Specification of Abstract Syntax Notation One (ASN.1). 1988.

X.209  CCITT. Recommendation X.209: Specification of Basic Encoding Rules for Abstract Syntax Notation One (ASN.1). 1988.

X.411  CCITT. Recommendation X.411: Message Handling Systems: Message Transfer System: Abstract Service Definition and Procedures. 1988.

X.509  CCITT. Recommendation X.509: The Directory--Authentication Framework. 1988.

[dBB92]  B. den Boer and A. Bosselaers. An attack on the last two rounds of MD4. In J. Feigenbaum, editor, Advances in Cryptology---CRYPTO '91 Proceedings, volume 576 of Lecture Notes in Computer Science, pages 194-203. Springer-Verlag, New York, 1992.
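
The digital-signature construction outlined in Section 1 (digest with MD5, then an RSA private-key operation on an octet string containing the digest), as an added Python example that is not part of the RFC text. The block layout 00 || 01 || PS || 00 || D and the MD5 DigestInfo prefix come from the later sections of PKCS #1 v1.5 that this excerpt does not show; the key is a constructed toy key, the function names are hypothetical, and verifying by rebuilding the block and comparing is a choice made for this example.

```python
import hashlib

# Constructed toy key: two Mersenne primes, chosen only so the example runs
# offline with no key generation. Never use such a key outside a demo.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # modulus length in octets

# DER prefix of DigestInfo for MD5; the 16-octet digest follows it.
MD5_DIGESTINFO = bytes.fromhex("3020300c06082a864886f70d020505000410")


def encode_block(message: bytes) -> bytes:
    """Build EB = 00 || 01 || PS || 00 || DigestInfo, with PS = FF..FF."""
    data = MD5_DIGESTINFO + hashlib.md5(message).digest()
    ps_len = K - 3 - len(data)
    if ps_len < 8:                      # the format requires >= 8 padding octets
        raise ValueError("modulus too short for this digest")
    return b"\x00\x01" + b"\xff" * ps_len + b"\x00" + data


def sign(message: bytes) -> bytes:
    """Private-key operation on the encryption block."""
    m = int.from_bytes(encode_block(message), "big")
    return pow(m, D, N).to_bytes(K, "big")


def verify(message: bytes, signature: bytes) -> bool:
    """Public-key operation, then compare against a freshly built block.

    Rebuilding and comparing the whole block rejects any deviation in the
    padding, which a lenient parser of the recovered block could miss.
    """
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")
    return recovered == encode_block(message)


if __name__ == "__main__":
    sig = sign(b"constructed sample content")
    print(verify(b"constructed sample content", sig))   # True
    print(verify(b"tampered content", sig))             # False
```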