Re: RSA Test

Vin McLellan (vin@shore.net)
Tue, 2 Mar 1999 01:07:51 -0500

• Next message: Bill Stewart: "Re: Information on Arcot for two-factor software strong authentication"
• Previous message: Adam Back: "Re: Using crypto to solve a part of the DNS/TM mess"

        Hani Almansour <Almansour@bigfoot.com> queried the Listocracy:

>I have implementation for RSA, SHA, MD5 and I want to test it. is there a
>fast way to test the output of any one of these encryption or if there is a
>program that test the output.

        Eric Rescorla <ekr@rtfm.com> and Jim Gillogly <jim@acm.org>
referred Hani to SHA and MD5 test vectors in the respective standards.

        EKR's comments may have also left the unfortunate impression that
there are no available tests for implementations of RSA public key
cryptosystems. RSA itself is one source for such tests. See RSA's PKCS
reference page at: <http://www.rsa.com/rsalabs/pubs/PKCS/>

        [Let me also suggest that RSA implementers, both neophytes and
grizzled veterans, should review the recent RSA Labs Bulletin, available in
PS and PDF formats at <http://www.rsa.com/rsalabs/html/bulletins.html>.

        [In "A Note on the Security of the OAEP-Enhanced RSA Public-Key
Encryption Scheme," Matthew Robshaw and Jessica Staddon offer a
surprisingly accessible discussion of the benefits of the Optimal
Asymmetric Encryption Padding (OAEP) and the "random oracle" paradigm -- in
the context of the "provable security" crypto model developed by Goldwasser
and Macali 15 years ago.]

        RSA's Public-Key Cryptography Standards (PKCS) will be familiar to
most readers of these Lists as a series of often defacto (and sometimes
dejure) standards developed by RSA -- for which I am a consultant -- often
in conjunction with other vendors, developers, and major users.

        PKCS #1 defines mechanisms for encrypting and signing with RSA
public-key crypto.

        For the traditional RSAPKC format -- as described in PKCS #1 v.1.5
-- there are useful test vectors in a doc entitled "Some Examples of the
PKCS Standard." Pull down <ftp://ftp.rsa.com/pub/pkcs/ascii/examples.asc>.

        For PKCS #1 v.2.0 -- in which the security of the traditional RSA
PK crypto is enhanced by formatting or pre-processing the message with OAEP
-- there are test vectors for two different OAEP/RSAPKC schemes. See:
<http://www.rsa.com/rsalabs/pubs/PKCS/html/pkcs-1.html>.

        Suerte,
                _Vin

-----
"Cryptography is like literacy in the Dark Ages. Infinitely potent, for
good and ill... yet basically an intellectual construct, an idea, which by
its nature will resist efforts to restrict it to bureaucrats and others who
deem only themselves worthy of such Privilege."
_ A Thinking Man's Creed for Crypto _vbm.

 * Vin McLellan + The Privacy Guild + <vin@shore.net> *
      53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548

• Next message: Bill Stewart: "Re: Information on Arcot for two-factor software strong authentication"
• Previous message: Adam Back: "Re: Using crypto to solve a part of the DNS/TM mess"