Jeremy R. wrote:

> But RSA, from what I understand, doesn't by definition make one key
> "public" and the other "private". Unless I'm really mistaken, you
> create a key pair, whereby data encrypted with either can be decrypted
> only by the other. I think it's only by convention that one is private
> and the other is public.
Right, but you're not using RSA. You're using a public key signature algorithm that happens to be based on RSA. Preventing the public key from being deduced from the signature is not a normal security property of public key signature algorithms. So the signature algorithm you wind up using may or may not preserve this particular property of RSA. (You do understand that you cannot use RSA directly, right?) And you are not competent to make the determination that that property is preserved -- it takes a security expert to do that.

So the question is -- does your outer security algorithm preserve this particular security property of the RSA algorithm on which it is based? Is this part of its stated security properties?

I happen to know that a seat belt weighs less than ten pounds. I cannot infer from this that a car weighs less than ten pounds just because a car contains seat belts. You have to look up the car's weight.

DS

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
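An added illustration, not part of the original message and not OpenSSL code: with a deterministic message encoding (as in PKCS#1 v1.5 signatures) and a known or guessable exponent, a few message/signature pairs are enough to recover the RSA modulus, so such a scheme does not keep the "public" key secret. The toy key (two Mersenne primes, e = 5), the SHA-224 `encode` stand-in for real padding, and all function names are assumptions made for this sketch.

```python
import hashlib
from math import gcd

# Constructed toy key: two Mersenne primes and e = 5 keep the integers small.
P, Q, E = 2**127 - 1, 2**107 - 1, 5
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, used only by sign()

def encode(message: bytes) -> int:
    """Deterministic encoding (hypothetical stand-in for real padding)."""
    return int.from_bytes(hashlib.sha224(message).digest(), "big")

def sign(message: bytes) -> int:
    return pow(encode(message), D, N)

def verify(message: bytes, sig: int, n: int, e: int = E) -> bool:
    return pow(sig, e, n) == encode(message)

def recover_modulus(signed, e: int = E) -> int:
    """Recover n from (message, signature) pairs without being told n.

    For a valid signature, sig**e is congruent to encode(message) mod n,
    so n divides sig**e - encode(message). The gcd over several pairs is
    n times a small cofactor, which trial division removes.
    """
    g = 0
    for message, sig in signed:
        g = gcd(g, sig**e - encode(message))
    if g == 0:
        raise ValueError("need at least one usable (message, signature) pair")
    for small in range(2, 1000):
        while g % small == 0:
            g //= small
    return g

# Constructed sample data: three signed messages an observer might collect.
SIGNED = [(m, sign(m)) for m in (b"invoice 1", b"invoice 2", b"invoice 3")]

if __name__ == "__main__":
    n = recover_modulus(SIGNED)
    print("modulus recovered:", n == N)
    print("signatures verify under it:", all(verify(m, s, n) for m, s in SIGNED))
```
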