
RSA encry

mcardell
Cisco Employee

Good Afternoon,

What are the benefits of RSA encrypted nonces against the RSA signatures?

Any particular reason to use one instead of the other?

Any CCO link available?

Thanks in advance

2 Replies

Not applicable

This is not just the technical advantage of one over the other, it also depends on the products. Some products do not support both.

Steve Fuller
Level 9

RSA encrypted nonces are somewhat cumbersome due to the fact that you need to generate the public / private key on each device and then exchange the public key with each and every peer. The other issue with nonces is that, should your head-end router fail, you would have to re-generate and exchange new keys with every peer unless you used exportable keys (see http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1839/products_feature_guide09186a00801541cf.html).

Digital signatures, while involving additional work to set up, are far more scalable and offer the added benefit of non-repudiation and certificate revocation.

In recent discussions with Cisco I've been quoted a ratio of 75/1/24 for Pre-shared keys, RSA nonces and Digital Signatures. Seems no one likes or uses encrypted nonces.

Regards

Steve