Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Joakim Lundberg (email@example.com)
Date: Mon Oct 01 2001 - 07:06:39 CDT
What confues you are the way that the two are commonly used/implemented:
An asymetric algorithm is used to exchange secret keys for an symmetric
Symmetric algorithms are much faster than an asymetric and often used
for bulk encryption.
However, Asymetric algorithms would be a good choice for key exchange
A VPN would be a good example of a setup like this. RSA is used to setup
a session and to exchange keys and then the session is encrypted with
3DES (or some other symetric alogorithm).
CISSP - Certified Information Systems Security Professional
Lucent Worldwide Services Sweden
mobile: +46-(701) 80 16 75
Well, both vols of the Information Security Management Handbook concur
w/ the SRV pub.
The ISMH 4th Ed says "common asymmetric-key systems include ... RSA" (p.
466) and Jay Heiser's essay "Introduction to Encryption" in ISMH Vol 2
says "contemporary public key-based systems ... use symmetric algorithms
for privacy and the RSA public key algorithm to securely exchange keys"
(p. 373). According to Heiser, "only a few asymmetric algorithms are in
common use today. ... RSA is by far the most widespread" (p. 367).
Further, says Heiser, RSA is "the only public key encryption algorithm
in widespread use" (p. 366).
In the CISSP Examination Textbook it states:
In cryptography, the RSA scheme has the following pair of
a. asymmetric cipher system
b. a public key encryption algorithm system
I thought that RSA uses a symmetric cipher system?