PKCS #1: RSA Cryptography Specifications Version 2.0
RFC 2437

 
Document Type RFC - Informational (October 1998; No errata)
Obsoleted by RFC 3447
Obsoletes RFC 2313
Last updated 2013-03-02
Stream Legacy
Formats plain text pdf html
Stream Legacy state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 2437 (Informational)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                         B. Kaliski
Request for Comments: 2437                                    J. Staddon
Obsoletes: 2313                                         RSA Laboratories
Category: Informational                                     October 1998

                PKCS #1: RSA Cryptography Specifications
                              Version 2.0

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

Table of Contents

   1.       Introduction.....................................2
   1.1      Overview.........................................3
   2.       Notation.........................................3
   3.       Key types........................................5
   3.1      RSA public key...................................5
   3.2      RSA private key..................................5
   4.       Data conversion primitives.......................6
   4.1      I2OSP............................................6
   4.2      OS2IP............................................7
   5.       Cryptographic primitives.........................8
   5.1      Encryption and decryption primitives.............8
   5.1.1    RSAEP............................................8
   5.1.2    RSADP............................................9
   5.2      Signature and verification primitives...........10
   5.2.1    RSASP1..........................................10
   5.2.2    RSAVP1..........................................11
   6.       Overview of schemes.............................11
   7.       Encryption schemes..............................12
   7.1      RSAES-OAEP......................................13
   7.1.1    Encryption operation............................13
   7.1.2    Decryption operation............................14
   7.2      RSAES-PKCS1-v1_5................................15
   7.2.1    Encryption operation............................17
   7.2.2    Decryption operation............................17
   8.       Signature schemes with appendix.................18
   8.1      RSASSA-PKCS1-v1_5...............................19
   8.1.1    Signature generation operation..................20

Kaliski & Staddon            Informational                      [Page 1]
RFC 2437        PKCS #1: RSA Cryptography Specifications    October 1998

   8.1.2    Signature verification operation................21
   9.       Encoding methods................................22
   9.1      Encoding methods for encryption.................22
   9.1.1    EME-OAEP........................................22
   9.1.2    EME-PKCS1-v1_5..................................24
   9.2      Encoding methods for signatures with appendix...26
   9.2.1    EMSA-PKCS1-v1_5.................................26
   10.      Auxiliary Functions.............................27
   10.1     Hash Functions..................................27
   10.2     Mask Generation Functions.......................28
   10.2.1   MGF1............................................28
   11.      ASN.1 syntax....................................29
   11.1     Key representation..............................29
   11.1.1   Public-key syntax...............................30
   11.1.2   Private-key syntax..............................30
   11.2     Scheme identification...........................31
   11.2.1   Syntax for RSAES-OAEP...........................31
   11.2.2   Syntax for RSAES-PKCS1-v1_5.....................32
   11.2.3   Syntax for RSASSA-PKCS1-v1_5....................33
   12       Patent Statement................................33
   12.1     Patent statement for the RSA algorithm..........34
   13.      Revision history................................35
   14.      References......................................35
            Security Considerations.........................37
            Acknowledgements................................37
            Authors' Addresses..............................38
            Full Copyright Statement........................39

1. Introduction

   This memo is the successor to RFC 2313. This document provides
   recommendations for the implementation of public-key cryptography
   based on the RSA algorithm [18], covering the following aspects:

      -cryptographic primitives
      -encryption schemes
      -signature schemes with appendix
      -ASN.1 syntax for representing keys and for identifying the
       schemes

   The recommendations are intended for general application within
   computer and communications systems, and as such include a fair
   amount of flexibility. It is expected that application standards
   based on these specifications may include additional constraints. The
Show full document text