What confues you are the way that the two are commonly used/implemented:
An asymetric algorithm is used to exchange secret keys for an symmetric
algorithm.
Symmetric algorithms are much faster than an asymetric and often used
for bulk encryption.
However, Asymetric algorithms would be a good choice for key exchange
and identification.
A VPN would be a good example of a setup like this. RSA is used to setup
a session and to exchange keys and then the session is encrypted with
3DES (or some other symetric alogorithm).

Joakim Lundberg
CISSP - Certified Information Systems Security Professional
Lucent Worldwide Services Sweden
mobile: +46-(701) 80 16 75
email: joakim@lucent.com
http://www.lucent.com/businessunit/worldwide.html

-----Original Message-----
From: Esser, Randy [mailto:RANDY.ESSER@ca.com]
Sent: den 28 september 2001 05:53
To: Kevin Moker; cisspstudy@securityfocus.com
Subject: RE: RSA Scheme

Well, both vols of the Information Security Management Handbook concur
w/ the SRV pub.

The ISMH 4th Ed says "common asymmetric-key systems include ... RSA" (p.
466) and Jay Heiser's essay "Introduction to Encryption" in ISMH Vol 2
says "contemporary public key-based systems ... use symmetric algorithms
for privacy and the RSA public key algorithm to securely exchange keys"
(p. 373). According to Heiser, "only a few asymmetric algorithms are in
common use today. ... RSA is by far the most widespread" (p. 367).
Further, says Heiser, RSA is "the only public key encryption algorithm
in widespread use" (p. 366).

R.

-----Original Message-----
From: Kevin Moker [mailto:kevin.moker@snet.net]
Sent: Wednesday, September 26, 2001 2:49 PM
To: cisspstudy@securityfocus.com
Subject: RSA Scheme

In the CISSP Examination Textbook it states:

In cryptography, the RSA scheme has the following pair of
characteristics:
        a. asymmetric cipher system
        b. a public key encryption algorithm system

I thought that RSA uses a symmetric cipher system?

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]