RFC 2437 (rfc2437) - Page 2 of 39


PKCS #1: RSA Cryptography Specifications Version 2



Alternative Format: Original Text Document



RFC 2437        PKCS #1: RSA Cryptography Specifications    October 1998


   8.1.2    Signature verification operation................21
   9.       Encoding methods................................22
   9.1      Encoding methods for encryption.................22
   9.1.1    EME-OAEP........................................22
   9.1.2    EME-PKCS1-v1_5..................................24
   9.2      Encoding methods for signatures with appendix...26
   9.2.1    EMSA-PKCS1-v1_5.................................26
   10.      Auxiliary Functions.............................27
   10.1     Hash Functions..................................27
   10.2     Mask Generation Functions.......................28
   10.2.1   MGF1............................................28
   11.      ASN.1 syntax....................................29
   11.1     Key representation..............................29
   11.1.1   Public-key syntax...............................30
   11.1.2   Private-key syntax..............................30
   11.2     Scheme identification...........................31
   11.2.1   Syntax for RSAES-OAEP...........................31
   11.2.2   Syntax for RSAES-PKCS1-v1_5.....................32
   11.2.3   Syntax for RSASSA-PKCS1-v1_5....................33
   12       Patent Statement................................33
   12.1     Patent statement for the RSA algorithm..........34
   13.      Revision history................................35
   14.      References......................................35
            Security Considerations.........................37
            Acknowledgements................................37
            Authors' Addresses..............................38
            Full Copyright Statement........................39

1. Introduction

   This memo is the successor to RFC 2313. This document provides
   recommendations for the implementation of public-key cryptography
   based on the RSA algorithm [18], covering the following aspects:

      -cryptographic primitives
      -encryption schemes
      -signature schemes with appendix
      -ASN.1 syntax for representing keys and for identifying the
       schemes

   The recommendations are intended for general application within
   computer and communications systems, and as such include a fair
   amount of flexibility. It is expected that application standards
   based on these specifications may include additional constraints. The
   recommendations are intended to be compatible with draft standards
   currently being developed by the ANSI X9F1 [1] and IEEE P1363 working
   groups [14].  This document supersedes PKCS #1 version 1.5 [20].




Kaliski & Staddon            Informational