Hi Peter:
On October 26, 2009 10:37:54 pm Peter Lin wrote:
Thanks all guys for your opinion.
There is a HSM used which vendor provides hardware RSA encryption and
decryption. However, the key of to the hardware is one way-- I can only
pass in the key to the hardware, but cant pass out. Due
By encrypting using RSA private key, you have gained nothing - because
anyone can decrypt using the corresponding Public Key. If you encrypt using
the Public Key, how would you decrypt? You have a chicken-egg problem.
Not sure if encrypting using AES key (only) is considered secure enough
Peter Lin wrote:
The reason for this strange design is that, the plain text RSA
private key is stored in some hardware chip which can only do
en/decryption but cannot pass the key out. However, I need to
save a copy of the private key in a unsafe place for other
purpose, but need to make
Peter Lin wrote:
Hi folks,
I have a problem about key security.
If a RSA private key is encrypted by an AES key, which is again encrypted by
the same RSA private key itself, is this considered as a secure procedure?
Obtaining the encrypted RSA private key and the AES key, is there any way
Thanks all guys for your opinion.
There is a HSM used which vendor provides hardware RSA encryption and
decryption. However, the key of to the hardware is one way-- I can only pass
in the key to the hardware, but cant pass out. Due to the low performance of
the hardware decryption, I decide to
