RFC 2437 PKCS #1: RSA Cryptography Specifications October 1998 8.1.2 Signature verification operation................21 9. Encoding methods................................22 9.1 Encoding methods for encryption.................22 9.1.1 EME-OAEP........................................22 9.1.2 EME-PKCS1-v1_5..................................24 9.2 Encoding methods for signatures with appendix...26 9.2.1 EMSA-PKCS1-v1_5.................................26 10. Auxiliary Functions.............................27 10.1 Hash Functions..................................27 10.2 Mask Generation Functions.......................28 10.2.1 MGF1............................................28 11. ASN.1 syntax....................................29 11.1 Key representation..............................29 11.1.1 Public-key syntax...............................30 11.1.2 Private-key syntax..............................30 11.2 Scheme identification...........................31 11.2.1 Syntax for RSAES-OAEP...........................31 11.2.2 Syntax for RSAES-PKCS1-v1_5.....................32 11.2.3 Syntax for RSASSA-PKCS1-v1_5....................33 12 Patent Statement................................33 12.1 Patent statement for the RSA algorithm..........34 13. Revision history................................35 14. References......................................35 Security Considerations.........................37 Acknowledgements................................37 Authors' Addresses..............................38 Full Copyright Statement........................39 1. Introduction This memo is the successor to RFC 2313. This document provides recommendations for the implementation of public-key cryptography based on the RSA algorithm [18], covering the following aspects: -cryptographic primitives -encryption schemes -signature schemes with appendix -ASN.1 syntax for representing keys and for identifying the schemes The recommendations are intended for general application within computer and communications systems, and as such include a fair amount of flexibility. It is expected that application standards based on these specifications may include additional constraints. The recommendations are intended to be compatible with draft standards currently being developed by the ANSI X9F1 [1] and IEEE P1363 working groups [14]. This document supersedes PKCS #1 version 1.5 [20]. Kaliski & Staddon Informational