Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1
RFC 3447
| Document | Type |
RFC - Informational
(February 2003; Errata)
Obsoleted by RFC 8017
Obsoletes RFC 2437
Was draft-jonsson-pkcs1-v2dot1 (individual in sec area)
|
|
|---|---|---|---|
| Last updated | 2020-01-21 | ||
| Stream | IETF | ||
| Formats | plain text html pdf htmlized with errata bibtex | ||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 3447 (Informational) | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Jeffrey Schiller | ||
| IESG note | Responsible: IESG member | ||
| Send notices to | (None) | ||
Network Working Group J. Jonsson
Request for Comments: 3447 B. Kaliski
Obsoletes: 2437 RSA Laboratories
Category: Informational February 2003
Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography
Specifications Version 2.1
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2003). All Rights Reserved.
Abstract
This memo represents a republication of PKCS #1 v2.1 from RSA
Laboratories' Public-Key Cryptography Standards (PKCS) series, and
change control is retained within the PKCS process. The body of this
document is taken directly from the PKCS #1 v2.1 document, with
certain corrections made during the publication process.
Table of Contents
1. Introduction...............................................2
2. Notation...................................................3
3. Key types..................................................6
3.1 RSA public key..........................................6
3.2 RSA private key.........................................7
4. Data conversion primitives.................................8
4.1 I2OSP...................................................9
4.2 OS2IP...................................................9
5. Cryptographic primitives..................................10
5.1 Encryption and decryption primitives...................10
5.2 Signature and verification primitives..................12
6. Overview of schemes.......................................14
7. Encryption schemes........................................15
7.1 RSAES-OAEP.............................................16
7.2 RSAES-PKCS1-v1_5.......................................23
8. Signature schemes with appendix...........................27
8.1 RSASSA-PSS.............................................29
8.2 RSASSA-PKCS1-v1_5......................................32
9. Encoding methods for signatures with appendix.............35
Jonsson & Kaliski Informational [Page 1]
RFC 3447 PKCS #1: RSA Cryptography Specifications February 2003
9.1 EMSA-PSS...............................................36
9.2 EMSA-PKCS1-v1_5........................................41
Appendix A. ASN.1 syntax...........................................44
A.1 RSA key representation.................................44
A.2 Scheme identification..................................46
Appendix B. Supporting techniques..................................52
B.1 Hash functions.........................................52
B.2 Mask generation functions..............................54
Appendix C. ASN.1 module...........................................56
Appendix D. Intellectual Property Considerations...................63
Appendix E. Revision history.......................................64
Appendix F. References.............................................65
Appendix G. About PKCS.............................................70
Appendix H. Corrections Made During RFC Publication Process........70
Security Considerations............................................70
Acknowledgements...................................................71
Authors' Addresses.................................................71
Full Copyright Statement...........................................72
1. Introduction
This document provides recommendations for the implementation of
public-key cryptography based on the RSA algorithm [42], covering the
following aspects:
* Cryptographic primitives
* Encryption schemes
* Signature schemes with appendix
* ASN.1 syntax for representing keys and for identifying the schemes
The recommendations are intended for general application within
computer and communications systems, and as such include a fair
amount of flexibility. It is expected that application standards
based on these specifications may include additional constraints.
The recommendations are intended to be compatible with the standard
IEEE-1363-2000 [26] and draft standards currently being developed by
the ANSI X9F1 [1] and IEEE P1363 [27] working groups.
This document supersedes PKCS #1 version 2.0 [35][44] but includes
compatible techniques.
Jonsson & Kaliski Informational [Page 2]
RFC 3447 PKCS #1: RSA Cryptography Specifications February 2003
The organization of this document is as follows:
Show full document text