Namrata Sorte wrote: > Hey,
> Thanks for reply. Could you please explain me : >> You have to put connect it to a suitable transmission and drive it for it to work. > in more detail. Sure. RSA is a mathematical algorithm that has applications in encryption and signature verification. But it is not a solution by itself. It has specific weaknesses and problems that prohibit its *direct* use as an encryption algorithm. So to use RSA for real-world encryption, you have to make it part of a system. You look at your requirements, you look at your threat model, and if RSA helps you to meet those requirements, then you use it. If not, not. There are many complete encryption systems that use RSA as part of how they operate. But RSA itself is not suitable for direct usage. See this link for more details then you probably want: http://en.wikipedia.org/wiki/RSA Systems intended for direct use that employ RSA internally include things like GPG, PGP, Outlook Express, and SureFile. What these systems have in common is that they encrypt a document by generating a random key, encrypting the document with that key using an algorithm like AES, and then using RSA to encrypt the random key after modifying the key in ways that eliminate the cryptographic vulnerabilities RSA would otherwise have. See this link for example: http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding RSA should never be used directly. (Except by people who fully understand the reason for this rule enough to know when it doesn't apply.) DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
