BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
First things first, I would recommend against developing your own
protocol. Look at using TLS if you can and if it fits into your
applications paradigm.
Secondly, asymmetric encryption is very slow compared to symmetric
encryption so asymmetric encryption (RSA, Diffie-Helman or ECC) is
only used for key-exchange or agreement for one or more symmetric
keys. Thus, after a 'slow' start, the symmetric encryption is very
fast. TLS gives you more than just that though, it also provides
integrity of the session.
If you don't require authentication, then TLS can be used in this
mode using D-H, so you get confidentiality and integrity. If you do
require authentication, then you need to look further into X.509
based certifiicate/key-pairs and derive a security policy for how
they will be generated and validated.
Without a concrete example of what you want to do and what you want
to secure, it is difficult for anyone to make a firm recommendation.
Carl
On Fri 24/04/09 3:02 PM , Sever P A gnu.se...@gmail.com sent:
Hello,
Maybe, in my last post, I didn't explain my problem as well...
I'm trying to identify the functions to integrate in my
client-server application (developped in C/C++ language) that allow
me to construct an assimetric encryption system.
Specifically, I need to know the functions for
1) Generating (& identificating) both private & public keys.
2) Signing the public key with the foreign private key.
3) Encrypting messages using the foreign public key.
4) Decrypting messages using the private key.
I need help to be pointed at the documentation pages & the concrete
functions.
Moreover, I read that RSA is so good...
Could you help me ?
S.
