.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.37 .\" .\" Standard preamble: .\" ======================================================================== .de Sh \" Subsection heading .br .if t .Sp .ne 5 .PP \fB\\$1\fR .PP .. .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. | will give a .\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to .\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' .\" expand to `' in nroff, nothing in troff, for use with C<>. .tr \(*W-|\(bv\*(Tr .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' 'br\} .\" .\" If the F register is turned on, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . nr % 0 . rr F .\} .\" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .hy 0 .if n .na .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . 
ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "Crypt::RSA 3" .TH Crypt::RSA 3 "2009-06-06" "perl v5.8.8" "User Contributed Perl Documentation" .SH "NAME" Crypt::RSA \- RSA public\-key cryptosystem. 
.SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& my $rsa = new Crypt::RSA; .Ve .PP .Vb 7 \& my ($public, $private) = \& $rsa->keygen ( \& Identity => 'Lord Macbeth ', \& Size => 1024, \& Password => 'A day so foul & fair', \& Verbosity => 1, \& ) or die $rsa->errstr(); .Ve .PP .Vb 6 \& my $cyphertext = \& $rsa->encrypt ( \& Message => $message, \& Key => $public, \& Armour => 1, \& ) || die $rsa->errstr(); .Ve .PP .Vb 6 \& my $plaintext = \& $rsa->decrypt ( \& Cyphertext => $cyphertext, \& Key => $private, \& Armour => 1, \& ) || die $rsa->errstr(); .Ve .PP .Vb 5 \& my $signature = \& $rsa->sign ( \& Message => $message, \& Key => $private \& ) || die $rsa->errstr(); .Ve .PP .Vb 6 \& my $verify = \& $rsa->verify ( \& Message => $message, \& Signature => $signature, \& Key => $public \& ) || die $rsa->errstr(); .Ve .SH "NOTE" .IX Header "NOTE" This manual assumes familiarity with public-key cryptography and the \s-1RSA\s0 algorithm. If you don't know what these are or how they work, please refer to the sci.crypt FAQ[15]. A formal treatment of \s-1RSA\s0 can be found in [1]. .SH "DESCRIPTION" .IX Header "DESCRIPTION" Crypt::RSA is a pure\-perl, cleanroom implementation of the \s-1RSA\s0 public-key cryptosystem. It uses \fIMath::Pari\fR\|(3), a perl interface to the blazingly fast \s-1PARI\s0 library, for big integer arithmetic and number theoretic computations. .PP Crypt::RSA provides arbitrary size key-pair generation, plaintext-aware encryption (\s-1OAEP\s0) and digital signatures with appendix (\s-1PSS\s0). For compatibility with SSLv3, \s-1RSAREF2\s0, \s-1PGP\s0 and other applications that follow the \s-1PKCS\s0 #1 v1.5 standard, it also provides \s-1PKCS\s0 #1 v1.5 encryption and signatures. .PP Crypt::RSA is structured as a bundle of modules that encapsulate different parts of the \s-1RSA\s0 cryptosystem. The \s-1RSA\s0 algorithm is implemented in \&\fICrypt::RSA::Primitives\fR\|(3). 
Encryption schemes, located under Crypt::RSA::ES, and signature schemes, located under Crypt::RSA::SS, use the \s-1RSA\s0 algorithm to build encryption/signature schemes that employ secure padding. (See the note on Security of Padding Schemes.) .PP The key generation engine and other functions that work on both components of the key-pair are encapsulated in \fICrypt::RSA::Key\fR\|(3). \&\fICrypt::RSA::Key::Public\fR\|(3) & \fICrypt::RSA::Key::Private\fR\|(3) provide mechanisms for storage & retrieval of keys from disk, decoding & encoding of keys in certain formats, and secure representation of keys in memory. Finally, the Crypt::RSA module provides a convenient, \s-1DWIM\s0 wrapper around the rest of the modules in the bundle. .SH "SECURITY OF PADDING SCHEMES" .IX Header "SECURITY OF PADDING SCHEMES" It has been conclusively shown that textbook \s-1RSA\s0 is insecure[3,7]. Secure \&\s-1RSA\s0 requires that plaintext is padded in a specific manner before encryption and signing. There are four main standards for padding: \s-1PKCS\s0 #1 v1.5 encryption & signatures, and \s-1OAEP\s0 encryption & \s-1PSS\s0 signatures. Crypt::RSA implements these as four modules that provide overloaded \fIencrypt()\fR, \fIdecrypt()\fR, \fIsign()\fR and \fIverify()\fR methods that add padding functionality to the basic \s-1RSA\s0 operations. .PP \&\fICrypt::RSA::ES::PKCS1v15\fR\|(3) implements \s-1PKCS\s0 #1 v1.5 encryption, \&\fICrypt::RSA::SS::PKCS1v15\fR\|(3) implements \s-1PKCS\s0 #1 v1.5 signatures, \&\fICrypt::RSA::ES::OAEP\fR\|(3) implements Optimal Asymmetric Encryption and \&\fICrypt::RSA::SS::PSS\fR\|(3) Probabilistic Signatures. .PP \&\s-1PKCS\s0 #1 v1.5 schemes are older and hence more widely deployed, but \s-1PKCS\s0 #1 v1.5 encryption has certain flaws that make it vulnerable to chosen-cyphertext attacks[9]. 
Even though Crypt::RSA works around these vulnerabilities, it is recommended that new applications use \s-1OAEP\s0 and \s-1PSS\s0, both of which are provably secure[13]. In any event, Crypt::RSA::Primitives (without padding) should never be used directly. .PP That said, there exists a scheme called Simple RSA[16] that provides security without padding. However, Crypt::RSA doesn't implement this scheme yet. .SH "METHODS" .IX Header "METHODS" .IP "\fB\f(BInew()\fB\fR" 4 .IX Item "new()" The constructor. When no arguments are provided, \fInew()\fR returns an object loaded with default values. This object can be customized by specifying encryption & signature schemes, key formats and post processors. For details see the section on \fBCustomising a Crypt::RSA object\fR later in this manpage. .IP "\fB\f(BIkeygen()\fB\fR" 4 .IX Item "keygen()" \&\fIkeygen()\fR generates and returns an \s-1RSA\s0 key-pair of specified bitsize. The 1024\-bit Size used in the \s-1SYNOPSIS\s0 is an example value; current guidance for new \s-1RSA\s0 keys is 2048 bits or more. \&\fIkeygen()\fR is a synonym for \fICrypt::RSA::Key::generate()\fR. Parameters and return values are described in the \fICrypt::RSA::Key\fR\|(3) manpage. .IP "\fB\f(BIencrypt()\fB\fR" 4 .IX Item "encrypt()" \&\fIencrypt()\fR performs \s-1RSA\s0 encryption on a string of arbitrary length with a public key using the encryption scheme bound to the object. The default scheme is \s-1OAEP\s0. \fIencrypt()\fR returns cyphertext (a string) on success and undef on failure. It takes a hash as argument with following keys: .RS 4 .IP "\fBMessage\fR" 4 .IX Item "Message" An arbitrary length string to be encrypted. .IP "\fBKey\fR" 4 .IX Item "Key" Public key of the recipient, a \fICrypt::RSA::Key::Public\fR\|(3) or compatible object. .IP "\fBArmour\fR" 4 .IX Item "Armour" A boolean parameter that forces cyphertext through a post processor after encryption. The default post processor is \fIConvert::ASCII::Armour\fR\|(3) that encodes binary octets in 6\-bit clean \s-1ASCII\s0 messages. The cyphertext is returned as\-is, when the Armour key is not present. 
.RE .RS 4 .RE .IP "\fB\f(BIdecrypt()\fB\fR" 4 .IX Item "decrypt()" \&\fIdecrypt()\fR performs \s-1RSA\s0 decryption with a private key using the encryption scheme bound to the object. The default scheme is \s-1OAEP\s0. \fIdecrypt()\fR returns plaintext on success and undef on failure. It takes a hash as argument with following keys: .RS 4 .IP "\fBCyphertext\fR" 4 .IX Item "Cyphertext" Cyphertext of arbitrary length. .IP "\fBKey\fR" 4 .IX Item "Key" Private key, a \fICrypt::RSA::Key::Private\fR\|(3) or compatible object. .IP "\fBArmour\fR" 4 .IX Item "Armour" Boolean parameter that specifies whether the Cyphertext is encoded with a post processor. .RE .RS 4 .RE .IP "\fB\f(BIsign()\fB\fR" 4 .IX Item "sign()" \&\fIsign()\fR creates an \s-1RSA\s0 signature on a string with a private key using the signature scheme bound to the object. The default scheme is \&\s-1PSS\s0. \fIsign()\fR returns a signature on success and undef on failure. It takes a hash as argument with following keys: .RS 4 .IP "\fBMessage\fR" 4 .IX Item "Message" A string of arbitrary length to be signed. .IP "\fBKey\fR" 4 .IX Item "Key" Private key of the sender, a \fICrypt::RSA::Key::Private\fR\|(3) or compatible object. .IP "\fBArmour\fR" 4 .IX Item "Armour" A boolean parameter that forces the computed signature to be post processed. .RE .RS 4 .RE .IP "\fB\f(BIverify()\fB\fR" 4 .IX Item "verify()" \&\fIverify()\fR verifies an \s-1RSA\s0 signature with a public key using the signature scheme bound to the object. The default scheme is \s-1PSS\s0. \fIverify()\fR returns a true value on success and undef on failure. It takes a hash as argument with following keys: .RS 4 .IP "\fBMessage\fR" 4 .IX Item "Message" A signed message, a string of arbitrary length. .IP "\fBKey\fR" 4 .IX Item "Key" Public key of the signer, a \fICrypt::RSA::Key::Public\fR\|(3) or compatible object. .IP "\fBSign\fR" 4 .IX Item "Sign" A signature computed with \fIsign()\fR. 
.IP "\fBArmour\fR" 4 .IX Item "Armour" Boolean parameter that specifies whether the Signature has been post processed. .RE .RS 4 .RE .SH "MODULES" .IX Header "MODULES" Apart from Crypt::RSA, the following modules are intended for application developer and end-user consumption: .IP "\fBCrypt::RSA::Key\fR" 4 .IX Item "Crypt::RSA::Key" \&\s-1RSA\s0 key pair generator. .IP "\fBCrypt::RSA::Key::Public\fR" 4 .IX Item "Crypt::RSA::Key::Public" \&\s-1RSA\s0 Public Key Management. .IP "\fBCrypt::RSA::Key::Private\fR" 4 .IX Item "Crypt::RSA::Key::Private" \&\s-1RSA\s0 Private Key Management. .IP "\fBCrypt::RSA::ES::OAEP\fR" 4 .IX Item "Crypt::RSA::ES::OAEP" Plaintext-aware encryption with \s-1RSA\s0. .IP "\fBCrypt::RSA::SS::PSS\fR" 4 .IX Item "Crypt::RSA::SS::PSS" Probabilistic Signature Scheme based on \s-1RSA\s0. .IP "\fBCrypt::RSA::ES::PKCS1v15\fR" 4 .IX Item "Crypt::RSA::ES::PKCS1v15" \&\s-1PKCS\s0 #1 v1.5 encryption scheme. .IP "\fBCrypt::RSA::SS::PKCS1v15\fR" 4 .IX Item "Crypt::RSA::SS::PKCS1v15" \&\s-1PKCS\s0 #1 v1.5 signature scheme. .SH "CUSTOMISING A CRYPT::RSA OBJECT" .IX Header "CUSTOMISING A CRYPT::RSA OBJECT" A Crypt::RSA object can be customized by passing any of the following keys in a hash to \fInew()\fR: \s-1ES\s0 to specify the encryption scheme, \s-1SS\s0 to specify the signature scheme, \s-1PP\s0 to specify the post processor, and \s-1KF\s0 to specify the key format. The value associated with these keys can either be a name (a string) or a hash reference that specifies a module name, its constructor, and constructor arguments. For example: .PP .Vb 1 \& my $rsa = new Crypt::RSA ( ES => 'OAEP' ); .Ve .PP .Vb 1 \& or .Ve .PP .Vb 1 \& my $rsa = new Crypt::RSA ( ES => { Module => 'Crypt::RSA::ES::OAEP' } ); .Ve .PP A module thus specified need not be included in the Crypt::RSA bundle, but it must be interface compatible with the ones provided with Crypt::RSA. 
.PP As of this writing, the following names are recognised: .IP "\fB\s-1ES\s0\fR (Encryption Scheme)" 4 .IX Item "ES (Encryption Scheme)" .Vb 1 \& 'OAEP', 'PKCS1v15' .Ve .IP "\fB\s-1SS\s0\fR (Signature Scheme)" 4 .IX Item "SS (Signature Scheme)" .Vb 1 \& 'PSS', 'PKCS1v15' .Ve .IP "\fB\s-1KF\s0\fR (Key Format)" 4 .IX Item "KF (Key Format)" .Vb 1 \& 'Native', 'SSH' .Ve .IP "\fB\s-1PP\s0\fR (Post Processor)" 4 .IX Item "PP (Post Processor)" .Vb 1 \& 'ASCII' .Ve .SH "ERROR HANDLING" .IX Header "ERROR HANDLING" All modules in the Crypt::RSA bundle use a common error handling method (implemented in \fICrypt::RSA::Errorhandler\fR\|(3)). When a method fails it returns undef and calls \f(CW$self\fR\->\fIerror()\fR with the error message. This error message is available to the caller through the \fIerrstr()\fR method. For more details see the \fICrypt::RSA::Errorhandler\fR\|(3) manpage. .SH "AUTHOR" .IX Header "AUTHOR" Vipul Ved Prakash, .SH "ACKNOWLEDGEMENTS" .IX Header "ACKNOWLEDGEMENTS" Thanks to Ilya Zakharevich for help with Math::Pari, Benjamin Trott for several patches including \s-1SSH\s0 key support, Genèche Ramanoudjame for extensive testing and numerous bug reports, Shizukesa on #perl for suggesting the error handling method used in this module, and Dave Paris for good advice. .SH "LICENSE" .IX Header "LICENSE" Copyright (c) 2000\-2008, Vipul Ved Prakash. This code is free software; it is distributed under the same license as Perl itself. .PP I have received requests for commercial licenses of Crypt::RSA, from those who desire contractual support and indemnification. I'd be happy to provide a commercial license if you need one. Please send me mail at \f(CW\*(C`mail@vipul.net\*(C'\fR with the subject \*(L"Crypt::RSA license\*(R". Please don't send me mail asking if you need a commercial license. You don't, if Artistic or \s-1GPL\s0 suit you fine. 
.SH "SEE ALSO" .IX Header "SEE ALSO" \&\fICrypt::RSA::Primitives\fR\|(3), \fICrypt::RSA::DataFormat\fR\|(3), \&\fICrypt::RSA::Errorhandler\fR\|(3), \fICrypt::RSA::Debug\fR\|(3), \fICrypt::Primes\fR\|(3), \&\fICrypt::Random\fR\|(3), \fICrypt::CBC\fR\|(3), \fICrypt::Blowfish\fR\|(3), \&\fITie::EncryptedHash\fR\|(3), \fIConvert::ASCII::Armour\fR\|(3), \fIMath::Pari\fR\|(3), \&\fIClass::Loader\fR\|(3), \fIcrypt\-rsa\-interoperability\fR\|(3), \&\fIcrypt\-rsa\-interoperability\-table\fR\|(3). .SH "REPORTING BUGS" .IX Header "REPORTING BUGS" All bug reports related to Crypt::RSA should go to rt.cpan.org at \f(CW\*(C`http://rt.cpan.org/Dist/Display.html?Queue=Crypt\-RSA\*(C'\fR .PP Crypt::RSA is considered to be stable. If you are running into a problem, it's likely of your own making. Please check your code and consult the documentation before posting a bug report. A google search with the error message might also shed light if it is a common mistake that you've made. .PP If the module installation fails with a \*(L"Segmentation Fault\*(R" or \&\*(L"Bus Error\*(R", it is likely a Math::Pari issue. Please consult Math::Pari bugs on rt.cpan.org or open a bug there. There have been known issues on HP-UX and SunOS systems (with Math::Pari), so if you are on those OSes, please consult Math::Pari resources before opening a Crypt::RSA bug. .SH "BIBLIOGRAPHY" .IX Header "BIBLIOGRAPHY" Chronologically sorted (for the most part). .IP "1 \fBR. Rivest, A. Shamir, L. Adleman.\fR A Method for Obtaining Digital Signatures and Public-Key Cryptosystems (1978)." 4 .IX Item "1 R. Rivest, A. Shamir, L. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems (1978)." .PD 0 .IP "2 \fBU. Maurer.\fR Fast Generation of Prime Numbers and Secure Public-Key Cryptographic Parameters (1994)." 4 .IX Item "2 U. Maurer. Fast Generation of Prime Numbers and Secure Public-Key Cryptographic Parameters (1994)." .IP "3 \fBM. Bellare, P. 
Rogaway.\fR Optimal Asymmetric Encryption \- How to Encrypt with \s-1RSA\s0 (1995)." 4 .IX Item "3 M. Bellare, P. Rogaway. Optimal Asymmetric Encryption - How to Encrypt with RSA (1995)." .IP "4 \fBM. Bellare, P. Rogaway.\fR The Exact Security of Digital Signatures \- How to sign with \s-1RSA\s0 and Rabin (1996)." 4 .IX Item "4 M. Bellare, P. Rogaway. The Exact Security of Digital Signatures - How to sign with RSA and Rabin (1996)." .IP "5 \fBB. Schneier.\fR Applied Cryptography, Second Edition (1996)." 4 .IX Item "5 B. Schneier. Applied Cryptography, Second Edition (1996)." .IP "6 \fBA. Menezes, P. Oorschot, S. Vanstone.\fR Handbook of Applied Cryptography (1997)." 4 .IX Item "6 A. Menezes, P. Oorschot, S. Vanstone. Handbook of Applied Cryptography (1997)." .IP "7 \fBD. Boneh.\fR Twenty Years of Attacks on the \s-1RSA\s0 Cryptosystem (1998)." 4 .IX Item "7 D. Boneh. Twenty Years of Attacks on the RSA Cryptosystem (1998)." .IP "8 \fBD. Bleichenbacher, M. Joye, J. Quisquater.\fR A New and Optimal Chosen-message Attack on RSA-type Cryptosystems (1998)." 4 .IX Item "8 D. Bleichenbacher, M. Joye, J. Quisquater. A New and Optimal Chosen-message Attack on RSA-type Cryptosystems (1998)." .IP "9 \fBB. Kaliski, J. Staddon.\fR Recent Results on \s-1PKCS\s0 #1: \s-1RSA\s0 Encryption Standard, \s-1RSA\s0 Labs Bulletin Number 7 (1998)." 4 .IX Item "9 B. Kaliski, J. Staddon. Recent Results on PKCS #1: RSA Encryption Standard, RSA Labs Bulletin Number 7 (1998)." .IP "10 \fBB. Kaliski, J. Staddon.\fR \s-1PKCS\s0 #1: \s-1RSA\s0 Cryptography Specifications v2.0, \s-1RFC\s0 2437 (1998)." 4 .IX Item "10 B. Kaliski, J. Staddon. PKCS #1: RSA Cryptography Specifications v2.0, RFC 2437 (1998)." .IP "11 \fB\s-1SSH\s0 Communications Security.\fR \s-1SSH\s0 1.2.7 source code (1998)." 4 .IX Item "11 SSH Communications Security. SSH 1.2.7 source code (1998)." .IP "12 \fBS. Simpson.\fR \s-1PGP\s0 \s-1DH\s0 vs. \s-1RSA\s0 \s-1FAQ\s0 v1.5 (1999)." 4 .IX Item "12 S. Simpson. PGP DH vs. 
RSA FAQ v1.5 (1999)." .IP "13 \fB\s-1RSA\s0 Laboratories.\fR Draft I, \s-1PKCS\s0 #1 v2.1: \s-1RSA\s0 Cryptography Standard (1999)." 4 .IX Item "13 RSA Laboratories. Draft I, PKCS #1 v2.1: RSA Cryptography Standard (1999)." .IP "14 \fBE. Young, T. Hudson, OpenSSL Team.\fR OpenSSL 0.9.5a source code (2000)." 4 .IX Item "14 E. Young, T. Hudson, OpenSSL Team. OpenSSL 0.9.5a source code (2000)." .IP "15 \fBSeveral Authors.\fR The sci.crypt \s-1FAQ\s0 at http://www.faqs.org/faqs/cryptography\-faq/part01/index.html" 4 .IX Item "15 Several Authors. The sci.crypt FAQ at http://www.faqs.org/faqs/cryptography-faq/part01/index.html" .IP "16 \fBVictor Shoup.\fR A Proposal for an \s-1ISO\s0 Standard for Public Key Encryption (2001)." 4 .IX Item "16 Victor Shoup. A Proposal for an ISO Standard for Public Key Encryption (2001)."