Hello I have a computer with Ubuntu OS and an Apache HTTP server. I am trying to create a SSL certificate using RSA public and private keys.
However it has come to my attention that at this present moment there are sophisticated methods such as man in middle attack, Side channel attack, and Branch prediction analysis attacks. http://en.wikipedia.org/wiki/Man-in-the-middle_attack http://en.wikipedia.org/wiki/Side_channel_attack http://en.wikipedia.org/wiki/Branch_prediction This is of a concern to me especially the side channel attack as it can analyse one's CPU variants to predict one's secret key. I am aware of the ongoing battle between hackers/attackers and the institutions which provide and create integrity modules/programs such as RSA/SSL etc. I also know that using high numbered bits (1024 bit encryption) and above lessens the chance of an attacker breaching your system using this method. This may be obsolete now with the introduction of attacks listed above such as Side-Channel Attack but RSA keys can be renewed and regenerated However what also has come to my attention is methods created and introduced by RSA to combat these threats such as 'padding' used by sub programs created by RSA such as OAEP and PKCS. So here is my question. I have an APACHE web server which I would like to host a HTTPS/SSL page. I would like to be able through OPENSSL to create a certificate and key(s) which use either PKCS or OAEP methods to 'pad' the encrypted connections between my computer and my clients. How would I be able to go about this? Thank you in advance for any feedback -- View this message in context: http://old.nabble.com/Using-PCKS-Padding-in-OpenSSL-tp31728673p31728673.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
