Timeline for SHA, RSA and the relation between them
Current License: CC BY-SA 3.0
16 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Apr 11, 2017 at 0:49 | comment | added | vapcguy | I call B.S. on this answer. RSA CAN and DOES use SHA1: w3.org/PICS/DSig/RSA-SHA1_1_0.html When you use an encryption algorithm, such as RSA, you have to specify the hashing function for generating the keys. RSA only allows SHA. | |
| S Nov 29, 2011 at 17:44 | history | suggested | Paŭlo Ebermann | CC BY-SA 3.0 | rewording to make it a bit more clear (see confusion in the comments) |
| Nov 29, 2011 at 17:37 | review | Suggested edits | |||
| S Nov 29, 2011 at 17:44 | |||||
| Nov 29, 2011 at 15:44 | comment | added | ewanm89 | Okay, I'll let you have it, it's easily miss read at least, vague where the list starts and finishes. | |
| Nov 29, 2011 at 15:37 | comment | added | chris | read again: "In PGP, RSA, DSA and ElGamal are used for signing and encrypting.". So I'm saying that RSA, DSA and ElGamal are used in PGP. How is that incorrect? | |
| Nov 29, 2011 at 15:30 | comment | added | ewanm89 | It's such things that end up with questions like this in the first place. | |
| Nov 29, 2011 at 15:29 | comment | added | ewanm89 | more PGP is a system for public key crypto on stored messages like S/MIME | |
| Nov 29, 2011 at 15:29 | comment | added | ewanm89 | PGP != RSA, DSA or El Gamal | |
| Nov 29, 2011 at 15:09 | comment | added | chris | You're right, I missed the last part about SHA vs MD5 in SSL. Still don't see what PGP has to do with that though. Fortunately, Thomas Pornin gave an excellent answer already. | |
| Nov 29, 2011 at 15:00 | comment | added | ewanm89 | of course, and visa-versa, the question also asked about sha specifically! | |
| Nov 29, 2011 at 13:40 | comment | added | chris | I didn't miss anything. The question was how is SHA used in RSA. THe answer is, it isn't. I'm not giving a conclusive list of all the possible uses of cryptograhpic algorithms. Also, CA's using MD5 in their certificates is not the same as servers and clients using MD5 in their SSL session negotiation. You can use MD5 in the latter with a SHA-1 certificate. | |
| Nov 29, 2011 at 13:19 | comment | added | ewanm89 | you also missed how PGP uses RSA or ElGamal and DSA doe it's asymmetric stuff. | |
| Nov 29, 2011 at 13:14 | comment | added | ewanm89 | well, no CA in their right name would use that on their certs now though, right? ;) Yes, I'm just pointing out you kind of missed half the question all about hashing! | |
| Nov 29, 2011 at 13:03 | comment | added | chris | It can be used, you choose a cipher suite (consisting of authentication algorithm, hashing algorithm and encryption algorithm) prior to key exchange. You could also choose MD5 if the server supports it. | |
| Nov 29, 2011 at 12:55 | comment | added | ewanm89 | SHA is used in the signing and integrity checking in SSL. | |
| Nov 29, 2011 at 8:30 | history | answered | chris | CC BY-SA 3.0 |