On Tue, 2007-10-30 at 02:59 -0700, David Schwartz wrote:
> > I have one worrying question... I have generated my keys and ca and all
> > with easy-rsa package and he has generated 1024 bit rsa keys... but as far
> > as I have seen openvpn is using blowfish... blowfish in a symetric
> > encription cypher and rsa is an asymetrical one... shouldn't match keys
> > and cypher types?? or else... how this works? I mean it takes parts of the
> > whole 1024 size key in pieces or 128 bits (for blowfish) or how does this
> > work?
> >
> > When you do a openvpn --show-cyphers you see all symetryc cipher systems
> > am I wrong?
> >
> > Thanks a lot mates!! waiting anxious you're answers

>
> Asymmetric ciphers like RSA are used on very small pieces of information,
> not on bulk data. In the case of encryption, the asymmetric algorithm is
> used to securely exchange a random small number that is then used as the key
> in a symmetric algorithm like blowfish or AES.

This "number" is only one of parameters used by symmetric key generation
routine which generates keys used by symmetric algorithms like AES.
This number is not used directly as symmetric key.

Best regards,
--
Marek Marcola

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org