Hi, thanks for the answer, So, If i understand correctly in KEM the following steps are performed by each party:
1. Generate RSA key pair 2. Pick a random symmetric key that will be used in creating the final key 3. Encrypt key with each other's RSA public key 4. Send the encrypted key to the other side 5. Decrypt with private key 6. Concatenate the 2 parts together and run the KDF 7. Use the result in a symmetric algorithm I was thinking of producing the shared secret the way DH does, where the key generation based on a common base allows for that. I guess this can't be done with RSA keys. Thanks, George Στις Παρ, 19 Ιουλ 2019 στις 3:44 μ.μ., ο/η Uri Blumenthal < [email protected]> έγραψε: > Yes. What RSA provides is KEM - Key Encapsulation Mechanism. You would run > *two* of them - one in reach direction - and then run a KDF over > concatenation of these two encapsulated symmetric keys. > > AFAIK, it's the only way. And that's what NIST is doing with their > Post-Quantum competition: they requested only KEMs, but no Key Agreement. > > Sent from my test iPhone > > On Jul 19, 2019, at 08:13, George K <[email protected]> wrote: > > Hi, > > Is there a way to produce a shared secret key to be used for symmetric > encryption(e.g. AES) by using RSA key pairs? I know that the standard way > of doing something like that is to use the recipient's RSA public key to > encrypt the randomly generated symmetric key and then send it to the other > side alongside the symmetrically encrypted message. > I wonder if it is possible to skip the first message and compute a shared > secret by using each other's public keys, similar to how DH works. > > Thanks, > George > > -- > You received this message because you are subscribed to "Crypto++ Users". > More information about Crypto++ and this group is available at > http://www.cryptopp.com and > http://groups.google.com/forum/#!forum/cryptopp-users. > --- > You received this message because you are subscribed to the Google Groups > "Crypto++ Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/cryptopp-users/0cc9242e-06f5-4ded-8924-4a1aaac05075%40googlegroups.com > <https://groups.google.com/d/msgid/cryptopp-users/0cc9242e-06f5-4ded-8924-4a1aaac05075%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > -- You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/cryptopp-users/CAHUfQufHQgzEYeUzuvu2MSXNLCkc70J%3D-JofKroS-jLTFb4mkw%40mail.gmail.com.
