RE: EVP_Open* with a public key

2009-07-30 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Jeremy R.
> Sent: Monday, 27 July, 2009 23:19

(Sorry I was out.)

>> Another idea: you're not using the benefit of PKC encryption (unknown to one). Why not just symm-encrypt the data?
> Well, env

RE: EVP_Open* with a public key

2009-07-27 Thread David Schwartz
Jeremy R. wrote:
> But RSA, from what I understand, doesn't by definition make one key "public" and the other "private". Unless I'm really mistaken, you create a key pair, whereby data encrypted with either can be decrypted only by the other. I think it's only by convention that one is priv

Re: EVP_Open* with a public key

2009-07-27 Thread Jeremy R.
On 27-Jul-09, at 9:59 PM, Dave Thompson wrote:
> From: owner-openssl-us...@openssl.org On Behalf Of David Schwartz
> Sent: Monday, 27 July, 2009 12:06
> Jeremy R. wrote:
>> Okay, forgive my ignorance, but isn't the most common way of signing data simply taking a cryptographic hash (SHA-1, RIPEMD-1

RE: EVP_Open* with a public key

2009-07-27 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of David Schwartz
> Sent: Monday, 27 July, 2009 12:06
> Jeremy R. wrote:
> > Okay, forgive my ignorance, but isn't the most common way of signing data simply taking a cryptographic hash (SHA-1, RIPEMD-160, WHIRLPOOL, etc.) and the

Re: EVP_Open* with a public key

2009-07-27 Thread Jeremy R.
On 27-Jul-09, at 12:05 PM, David Schwartz wrote:
> Jeremy R. wrote:
>> Okay, forgive my ignorance, but isn't the most common way of signing data simply taking a cryptographic hash (SHA-1, RIPEMD-160, WHIRLPOOL, etc.) and then encrypting it with a public-key technology?
> Yes, that's the most co

RE: EVP_Open* with a public key

2009-07-27 Thread David Schwartz
Jeremy R. wrote:
> Okay, forgive my ignorance, but isn't the most common way of signing data simply taking a cryptographic hash (SHA-1, RIPEMD-160, WHIRLPOOL, etc.) and then encrypting it with a public-key technology?

Yes, that's the most common way. But it is not a general property of publi

Re: EVP_Open* with a public key

2009-07-26 Thread Jeremy R.
Okay, forgive my ignorance, but isn't the most common way of signing data simply taking a cryptographic hash (SHA-1, RIPEMD-160, WHIRLPOOL, etc.) and then encrypting it with a public-key technology? By definition, isn't any public-key technology (including RSA) guaranteed to make it impossi

RE: EVP_Open* with a public key

2009-07-25 Thread David Schwartz
Jeremy R. wrote:
> It's also a good reason to understand why my solution isn't valid (assuming it isn't) so that I have the understanding to correctly engineer future programs that use cryptography.

Because it relies on special properties of the RSA internals where those properties are not i

Re: EVP_Open* with a public key

2009-07-25 Thread Jeremy R.
On 25-Jul-09, at 6:30 AM, David Schwartz wrote:
> Jeremy R.:
>> Thanks for your reply, first of all. I'm by no means an expert in cryptography (and obviously not on OpenSSL), and I'd appreciate any insight you can provide.
> So that's a good reason not to invent your own solution.

It's also a go

RE: EVP_Open* with a public key

2009-07-25 Thread David Schwartz
Jeremy R.:
> Thanks for your reply, first of all. I'm by no means an expert in cryptography (and obviously not on OpenSSL), and I'd appreciate any insight you can provide.

So that's a good reason not to invent your own solution.

> Yes, but what I have neglected to mention is that this infor

Re: EVP_Open* with a public key

2009-07-24 Thread Jeremy R.
Thanks for your reply, first of all. I'm by no means an expert in cryptography (and obviously not on OpenSSL), and I'd appreciate any insight you can provide.

On 24-Jul-09, at 7:14 PM, David Schwartz wrote:
> Jeremy R. wrote:
>> I'm writing a client application that needs to verify some conte

RE: EVP_Open* with a public key

2009-07-24 Thread David Schwartz
Jeremy R. wrote:
> I'm writing a client application that needs to verify some content from a server. I've generated an RSA key pair: the private key for the server and the public key for the client.

Okay.

> I also would like the data to be encrypted, so I'm trying to use EVP_OpenInit on t