> Von: Scott G. Kelly [mailto:[EMAIL PROTECTED]] > > Does anyone know of any issue > with using > RSA encryption to encrypt a symmetric key under the target's > public key > if the encrypted value is public (e.g. sent over a network)? > You have to be very careful in designing and implementing your _de_cryption routines. There have been some attacks when the decryption is not done correctly.
References are: - Daniel Bleichbacher, Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1. CRYPTO 1998: 1-12. - James Manger, A Chosen Ciphertext Attack on RSA Optimal Asymmetric Encryption Padding (OAEP) as Standardized in PKCS #1 v2.0. CRYPTO 2001: 230-238 These attacks are against PKCS#1 padding, and for the method you describe (direct encryption of a symmetric key with zero padding) I had a paper at this year's PKC conference describing some attacks. I hope this helps, Ulrich Kuehn --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]