W3C home > Mailing lists > Public > xml-encryption@w3.org > November 2000

Re: Algorithm Selections

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Wed, 15 Nov 2000 14:39:42 -0500
Message-Id: <>
To: <jimsch@nwlink.com>
Cc: <xml-encryption@w3.org>, housley@spyrus.com
At 00:31 11/15/2000 -0800, Jim Schaad wrote:
>As promised at the XML Encryption workshop, here is a description of the 
>different types of algorithms along with what I would recommend for the 
>different levels of support.

Thanks! I agree with all of your recommendations, but I have a question on 
Key Transport.

>Key Transport Algorithms:
>RSA-v1.5 - This is the standard RSA algorithm used in CMS today.  It has 
>the benifit of being widely used and the downside that there is a known 
>attack againist it.
>RSA-OEAP - This is the revised RSA algorithm for doing key transport.  The 
>same RSA public/private key pair can be used for both RSA-v1.5 and RSA-OEAP 
>so there is no need to choose just one of these variants.
>Recommendation:  RSA-OEAP should be used with AES.  RSA-v1.5 should be used 
>with TripleDES.

I note this is not mandatory, which I think I'm please with but I wanted to 
chase the references and ended up getting confused. I found [1] for 
"RSAES-OA(?EP?) in CMS" and it refers to [2], but RFC2347 is actually TFTP 
Option Extension (Russ should switch the 3&4 to RFC2437 [3]). So:
1. What standard exactly is meant by RSA-OEAP? PKCS#1v2.0, it's CMS syntax, 
or would we have to come up with our own XML based version?
2. Why do you recommend RSA-v1.5 with TripleDES?

[1] S/MIME Working Group R. Housley Internet Draft SPYRUS expires in six 
months June 2000 Use of the RSAES-OAEP Key Transport Algorithm in CMS
[2] PKCS#1v2.0 Kaliski, B. PKCS #1: RSA Encryption, Version 2.0. RFC 2347. 
October 1998.
[3] http://www.ietf.org/rfc/rfc2437.txt

Joseph Reagle Jr.
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
Received on Wednesday, 15 November 2000 14:40:12 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:59 UTC