* Marek Marcola wrote:
[...]
Or maybe you can send your data in two smaller RSA encrypted
messages ?
I just want to store some authentication data - a username, group and
date - on a "token", which only offers a passive storage (116 byte
EEPROM) without any cryptografic functions, to save a secret
(normally a private key) from outside access. So this authentication
data must be encrypted to prevent unauthorized modification, because
every - maybe unauthorized - person can read and write on this
"token". This "token" should used for a two-factor-autentication
process with an additional password or pin. So, I want to use one
private RSA key the centrally sign this data. Decentral, I intend to
verify the RSA signature with the concerning public key. Is the
verification process successfully done, than the information stored
on the token are valid.
The problem is that deterministic encryption methods (like RSA)
offers the possibility of an {known, choosen}-plaintext-attack,
because the users (partial) know their own authentication data!
My questions are very simple: Is the RSA crypto-system with random
padding (e.g. default PKCS#1 v1.5 or OAEP) "strong enough" to
implement such a solution or is my concept totally insecure and I
should use e.g. an ElGamal encryption system?
Best regards,
Philippe
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
