I've just finished the RSA chapter ( 4 ) and have a question regarding the specification string given to the cipher factory method. Consider the following RSA specificaiton string, from the OAEP sample:

      Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");

My question concerns the "NONE" element of this string. Based upon the strings for the symmetric algorthms in chapter two, I would guess this "NONE" to be the MODE. But do RSA ciphers even have "modes"? Are any discussed in the RSA chapter? Maybe I missed them.

As you've assumed RSA cipher don't have modes.

The JCE requires something appears in the mode area - ie. all ciphers have to be described as algorithm/mode/padding or just algorithm. For this reason you'll also see RSA/ECB/... as NONE was a recent addition.

Regards,

David

Thanks David, and, by the way, good book!

I have a couple of questions in response to your previous answer.

1) When I execute the program that displays all of the available ciphers supported by BC I find the following RSA info among the output:

Cipher: RSA//PKCS1PADDING

Cipher: RSA/OAEP

Cipher: RSA/RAW

So these would all require a specification string of the form RSA/NONE/padding ?

2) You said that I might see RSA/ECB/padding, instead of none. Is this because RSA is doing some sort of ECB? I assume you mean that it ECB was just used as a default filler for the mode space.

On 1, they only exist as they were accessible from the original clean room provider (we weren't aware of the restriction when it was implemented). The official JCE doesn't allow such strings to be used.

0n 2, ECB is meaningless with RSA - it was simply used in the absence of any other available qualifier, the official use of NONE wasn't introduced till much later,

Regards,

David