Date: Thu, 3 Jul 1997 08:16:42 -0700
From: David.Brownell@Eng (David Brownell)
Message-Id: <199707031516.IAA04622@argon.eng.sun.com>
To: dmiller@preEmptive.com, java-security@web2.javasoft.com
Subject: Re: DSA available for use in encryption/decryption?
As Jan noted, DSA can't be used for encrypting (just signing). It's unlike
RSA in that respect.
However, by using DSA in conjunction with Diffie Hellman key exchange, you
can perform an authenticated exchange of such encryption-capable keys. Not
long ago, Cylink's web page had a detailed explanation of this. The SSL
protocol does the same thing (hence, so does the IETF's TLS protocol).
Basically, each party signs their D-H keys using DSA, and then the D-H key
exchange algorithm is used. You end up with a big number which would be
used as input to a key generation procedure. There are optimizations you
can perform which reduce the number of public key operations; SSL/TLS have
such techniques in place. It's also felt to be good to support a variety
of key exchange algorithms, as done in SSL/TLS and in ISA/KMP.
- Dave