#!/usr/local/bin/php
[Zen and the Art of Motorcycle Maintenance]
RSA is a public-key cryptosystem defined by Rivest, Shamir, andAdleman.
While Diffie and Hellman proposed a system that requires the dynamic
exchange of keys for every sender-receiver pair (and in practice,
usually every communications session, hence the term `session key'). The
RSA system reduces communications overhead with the ability to have
static, unchanging keys for each receiver that are `advertised' by a
formal `trusted authority' (the hierarchical model) or distributed in an
informal `web of trust'.
The most popular public-key cipher is the RSA system . The security of
this scheme is related to the mathematical problem of factorization: it
is easy to generate two large primes and to multiply them, but given a
large number that is the product of two primes, it requires a huge
amount of computation to find the two prime factors. At the moment of
writing of this text, the biggest number that has been factorized was
about 430 bits long and attacks on numbers of 512 bits have been
announced for 1997[long since gone]. Therefore the absolute minimum
length of the key in the RSA system has to be set at 640 bits; 768 or
1024 bits[1024 bit level security is unbreakable with 2002 standards]
are required for any system that requires security for more than a few
months.
An example of Mutual authentication is this. Alice is sending messages
to Bob. Bob is sending messages to Alice. Alice knows for certain that
the messages she is sending to Bob are going to him, nobody pretending
to be Bob. And the messages coming from Bob are definitly coming from
him, nobody else pretending to be him. The same applies to Bob. With
mutual authentication he knows that the message he received from Alice
is from her and no one else. Also he is sending messages to Alice and
not an impersonator.
LINKS
Introduction
to Cryptography
*
*