On Fri, 2003-12-05 at 03:25, Vadim Fedukovich wrote:

> > As far as I know AES is a symmetrical Algorithm which does not use
> > Public Keys. So the password you give (or more probably a hash of the
> > password) will be the key for en- and decrypting the data.
>
> Doing so would result in a one single fixed key for different messages
> to encrypt. One should think twice before doing it this way.
>
I'll take a stab at the answer. As far as I'm aware, AES - like DES and 3DES before it - is *only* used to encrypt data. They take no part in PKI to do with public keys/etc.

The principle in PKI is that you generate a private and public key using RSA or DH (?). These are *extremely* strong (i.e. computationally expensive) operations, and are used to do session key exchanges for (e.g.) network encryption sessions such as SSL and IPSec. So you use RSA/DH to gain a secure channel over which you agree on a (randomly generated) session key. That session key (a "password" if you like) is then used to actually encrypt the data - using AES/DES.

Part of IPSEC's IKE protocol is to handle these "sessions" - how long a particular session key is valid for/etc. e.g. IPSec might renegotiate new session keys each hour - which means that even if a hacker grabs the data stream, and spends a couple of months brute-forcing AES/DES keys against the data, at most they end up decrypting an hour's worth of data. The assumption here being that the RSA/DH keys take 1,000s of years to brute.

Does that sound roughly correct?

Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
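The pattern Jason describes (a public-key exchange agrees on a session key, a symmetric cipher encrypts the bulk data, and a periodic rekey bounds what one captured key reveals) as an added example written for this page, not code from the thread or from OpenSSL. It assumes Go's standard library X25519 (a DH variant) for the agreement step and AES-256-GCM for the data; the label-plus-SHA-256 derivation is a constructed stand-in for a real KDF such as HKDF. Generating fresh key pairs and calling SessionCipher again is one rekey epoch, and a record sealed in one epoch fails GCM's tag check under any other epoch's key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// NewEphemeral makes a fresh X25519 key pair; generating one per epoch means
// each rekey is a new DH exchange, not a reuse of earlier key material.
func NewEphemeral() (*ecdh.PrivateKey, error) {
	return ecdh.X25519().GenerateKey(rand.Reader)
}

// SessionCipher is the "agree on a session key" step: run DH against the peer's
// public key and hash the shared secret into a 256-bit AES-GCM key.
// Constructed example: SHA-256 with a label stands in for a real KDF such as HKDF.
func SessionCipher(mine *ecdh.PrivateKey, peer *ecdh.PublicKey) (cipher.AEAD, error) {
	shared, err := mine.ECDH(peer)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(append([]byte("session-key-v1|"), shared...))
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts one record with the session key; the random nonce is prepended.
func Seal(aead cipher.AEAD, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// Open reverses Seal; the GCM tag check fails for records sealed under another epoch's key.
func Open(aead cipher.AEAD, record []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(record) < n {
		return nil, errors.New("record too short")
	}
	return aead.Open(nil, record[:n], record[n:], nil)
}
```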