With RSA you have to consider public key cryptography concepts. Only
the public key is made public; the secret one (basically used to
decrypt what the public key encrypted) stays with the peer.

The "problem" here is that public key cryptography needs huge keys to
be secure, which inhibits using them to encrypt large amounts of data.
Usually RSA is used to exchange the symmetric keys (shorter keys) that
will be used to encrypt the actual data. AFAIK, DH is just a key
exchange protocol.

You can also sign some information, which is basically the reverse of
encryption, because the secret key is used to encrypt and the public
key to decrypt. So, the remote peer can be sure that the packet came
from whoever owns the secret key.

With RSA you can also sign packets using a third party (a CA) that
both peers agree with and trust. 


-----Original Message-----
From: Hunt Lee [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 4, 2001 09:31
To: [EMAIL PROTECTED]
Subject: Re: Diffle-Hellman Exchange Question [7:27952]


Thanks for the URL.  However, why does Cisco say:

With the Diffie-Hellman exchange, the DES key never crosses the
network (not even in encrypted form), "which is not the case with the
RSA encrypt and sign technique." - so what about RSA encrypt and sign
technique?  I'm very confused...

Thanks again.

Hunt


wrote in message news:[EMAIL PROTECTED]...
> Alex, you are 100% correct.
>
> Whitfield & Martin (using modular arithmetic) found a beautiful
> algorithm in which partners agree on the same key by exchanging part
> of his/her initial secret key. The key will never be exchanged in the
> public network. As the key is the same for both partners, it is good
> for symmetric encryption (fast) like DES.
>
>
> -----Original Message-----
> From: Alex Lei [mailto:[EMAIL PROTECTED]]
> Sent: Monday, December 3, 2001 16:12
> To: [EMAIL PROTECTED]
> Subject: RE: Diffle-Hellman Exchange Question [7:27952]
>
>
> Hello Hunt,
>
> In my understanding the shared key never goes across the network.
> Each peer computes it out separately. Where did you see in CCO saying
> that the DES key is sent across the internet?
>
> Alex




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=28058&t=27952
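
The difference discussed in this thread, as an added example that is not part of any of the messages above: in a Diffie-Hellman exchange only public values cross the network, while in RSA key transport the session key itself crosses in encrypted form. The function names are hypothetical and the numbers are constructed textbook-sized toy values, far too small to be secure.

```python
# Added illustration with textbook-sized toy numbers (constructed, NOT secure).
# Each function returns what crossed the network plus the key each peer holds.

def dh_exchange(p, g, a_priv, b_priv):
    """Diffie-Hellman: each peer sends only g^x mod p and derives the key locally."""
    a_pub = pow(g, a_priv, p)        # sent A -> B
    b_pub = pow(g, b_priv, p)        # sent B -> A
    wire = [a_pub, b_pub]            # everything an observer sees
    key_a = pow(b_pub, a_priv, p)    # computed by A, never transmitted
    key_b = pow(a_pub, b_priv, p)    # computed by B, never transmitted
    return wire, key_a, key_b


def rsa_key_transport(n, e, d, session_key):
    """RSA key transport: the sender picks the key and sends it encrypted
    under the receiver's public key (n, e)."""
    ciphertext = pow(session_key, e, n)   # sent A -> B: the key, encrypted
    wire = [ciphertext]
    key_b = pow(ciphertext, d, n)         # receiver decrypts with private d
    return wire, session_key, key_b


def recover_from_capture(wire, n, d):
    """What a recorded RSA exchange yields to whoever holds the private exponent d."""
    return [pow(c, d, n) for c in wire]


if __name__ == "__main__":
    wire, ka, kb = dh_exchange(p=23, g=5, a_priv=6, b_priv=15)
    print("DH  wire:", wire, "| keys:", ka, kb)

    wire, ka, kb = rsa_key_transport(n=3233, e=17, d=2753, session_key=65)
    print("RSA wire:", wire, "| keys:", ka, kb,
          "| from capture with d:", recover_from_capture(wire, 3233, 2753))
```

In the DH run the agreed key appears nowhere in `wire`; in the RSA run the single value on the wire decrypts straight back to the session key for anyone who holds the private exponent.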