Re: Bit size, keys and certificates

Mon, 11 Sep 2000 18:21:03 -0700 

Hi Gary.

Gary Taylor wrote:

> I have some newbie questions that I'm trying to get a handle on.
>
> I understand there are software products sold that offer 0, 40, and 128 bit
> encryption.  I also understand than when you talk about keys that the strength
> is measured in bit size.  From what I've read a common size is 512bit and
> 1024bit.  My question is how are these two items related? Or more acurately,
> what does the 128 bit signify on software packages?  Does the 128bit mean the
> highest encryption method the software will employ.  As in RSA with RC4 128
> MD5?  If that is true then when I generate keys why wouldn't it be a 128 bit
> key?
>

The operation of a security products is based on "suites" of algorithms. This
suites includes simmetric algorithms, or secret key algorithm, and asimmetric, or
pubic key algorithms.. Simmetric and asimmetric algorithm differs in many ways,
including the nature of the operations involved. So the first ones (for example
RC4) use keys that go from 40 bits to 168 bits. The last ones use keys of 512,
1024, or 2048 bits long. When you "generate" keys you're generating asimmetric
keys. Generally the simmetric keys are generates internally by the software.

>
> Next question.
>
> Bit sizes are only related to key sizes, not certificate sizes?
> Correct?  A peer keeps talking about certificate bit size, but I've never seen
> a certificate measured in bit size, only keys.
>
> Please correct me if any of my assumptions are wrong.
>

I think he's refering to the public (asimmetric) key contained in the
certificate., but is more correct to say of key sizes.

>
> Thanks
> Gary
> A
> Gary
>

You're wellcome. Glad for being help. Bye.

Rodrigo.

--
Como la muerte anda en secreto, y no se sabe que mañana,
yo voy a hacer mi testamento, a repartir lo que me falta.
Pues lo que tuve ya esta hecho. Ya está abrigado, ya está en casa...
Yo voy a hacer mi testamento para cerrar cuentas soñadas..."
Testamento, Silvio Rodriguez


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to