Re: [Fed-Talk] hybrid crypto question
Re: [Fed-Talk] hybrid crypto question
- Subject: Re: [Fed-Talk] hybrid crypto question
- From: "Miller, Timothy J." <email@hidden>
- Date: Fri, 08 Jul 2011 15:01:39 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] hybrid crypto question
On Jul 8, 2011, at 11:38 AM, Todd Heberlein wrote:
> I have client computers encrypting log files and forwarding them to a server. I have a public key distributed to the clients, but the log files are too large to be encrypted with a public key. To address this, I
> (1) generate a symmetric key on the fly
> (2) encrypt the log file using symmetric encryption
> (3) encrypt the symmetric key with the public key
> (4) Send both the encrypted log file and encrypted symmetric key to the server
This is the generally correct idea. RSA operations are too slow and are generally only use for key wrapping of a symmetric key used for bulk encryption.
> The problem is that now I need to track two files on the server. I would prefer that they were bundled together. Is there a standard way to combine these two into a single container file?
Yes. See Cryptographic Message Syntax (CMS) governed by RFC 5652.
-- T
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden