ietf-smime

Re: [Q] Key-Agreement?

1999-02-12 10:56:47
Hilton:

RSA is a key transport algorithm, and Diffie-Hellman is a key agreement
algorithm.

With RSA, the originator needs the recipient's public key (from the
recipient's certificate).  The CEK is encrypted in the recipient's public
key.  The recipient does not need a certificate or public key from the
originator to decrypt the CEK -- the originator only needs his own private key.

With Diffie-Hellman, the originator uses the recipient's public key and his
own private key to create a KEK.  The CEK is then encrypted in the KEK.
For the recipient to form the same KEK, the originator's public key and the
recipient's private key are used.  So, the CMS RecipientInfo structure
permits the originator to send the one-time public key in the message.

I hope this is the level of information you were seeking.

Russ


At 04:18 PM 2/12/99 +0000, Hilton Day wrote:
Hi all,

I've been following the S/MIME 3 spec. since late in CMS-09, and am curious
about the Key Agreement Key Management Algorithm, and its purpose within the
specification...

What purpose does using Key Agreement serve, rather than just using the basic
Key Transport mechanism?

I've had a look through the CMS (10), and it isn't clear what are the merits
(or not) of using KA vs. KT.

Thanks in advance,

Hilton.

[PS - replies to either me directly, or ietf-smime mailing list (depending on
how useful you think the reply is to others) - I subscribe, so either way I'll
get the response]

--
JCP Computer Services           Tel:    +44 (0) 171 689 6890
16 St Johns Lane,               Fax:    +44 (0) 171 689 0438
London,                         E-Mail: hilton(_at_)jcp(_dot_)co(_dot_)uk
EC1M 4BS                        WWW:    http://www.jcp.co.uk
United Kingdom
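
The key-agreement flow described in the reply above (one-time originator key pair, KEK formed from the agreed secret, CEK encrypted in the KEK), as an added example that is not part of the original thread. The group `P`/`G`, the hash-based KEK derivation, the XOR-plus-HMAC wrap and all function names are assumptions chosen for a standard-library sketch, not the algorithms CMS specifies.

```python
import hashlib, hmac, secrets

# Toy group (assumption): a known prime keeps this short; real use needs a standard DH group.
P, G = 2**255 - 19, 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def derive_kek(own_priv, peer_pub):
    # Both sides reach the same value: (G^a)^b == (G^b)^a mod P.
    shared = pow(peer_pub, own_priv, P)
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def _pad(kek, n):
    return hmac.new(kek, b"enc", hashlib.sha256).digest()[:n]

def _tag(kek, ct):
    return hmac.new(kek, b"mac" + ct, hashlib.sha256).digest()

def wrap(kek, cek):
    # Stand-in key wrap (assumption): XOR pad plus integrity tag, CEK up to 32 bytes.
    if len(cek) > 32:
        raise ValueError("CEK too long for this sketch")
    ct = bytes(a ^ b for a, b in zip(cek, _pad(kek, len(cek))))
    return ct + _tag(kek, ct)

def unwrap(kek, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(kek, ct)):
        raise ValueError("KEK mismatch or modified wrapped CEK")
    return bytes(a ^ b for a, b in zip(ct, _pad(kek, len(ct))))

def originate(recipient_pub, cek):
    one_time_priv, one_time_pub = keypair()   # fresh pair for this message only
    kek = derive_kek(one_time_priv, recipient_pub)
    # The one-time public key travels in the message next to the wrapped CEK.
    return {"originator_pub": one_time_pub, "wrapped_cek": wrap(kek, cek)}

def receive(recipient_priv, info):
    # Recipient combines its own private key with the originator's public key.
    kek = derive_kek(recipient_priv, info["originator_pub"])
    return unwrap(kek, info["wrapped_cek"])

def demo():
    r_priv, r_pub = keypair()                 # recipient's long-term pair
    cek = secrets.token_bytes(16)             # constructed sample CEK
    return receive(r_priv, originate(r_pub, cek)) == cek
```
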



