Intel EP80579 User's Manual

Intel® EP80579 Software for Security Applications on Intel® QuickAssist Technology
August 2009
PG
Order Number: 320183-004US
Intel® QuickAssist Technology Cryptographic API Architecture Overview—Security Software
4.4.3.2 RSA Cryptographic Standard
RSA may be used for encryption or signature generation. The Chinese Remainder 
Theorem (CRT) can be used as a method of RSA acceleration. CRT describes how to do 
exponentiation (or multiplication) modulo a composite modulus n as a series of smaller 
multiplications modulo the prime factors of n. RSA's cryptographic strength is derived 
from the fact that it is difficult to factor large composite numbers.
When used for encryption, the message is encapsulated using the PKCS v1.5 
(deprecated) or OAEP (Optimal Asymmetric Encryption Padding) encoding schemes. 
OAEP is an improvement over the v1.5 (encryption) encoding scheme in that it 
provides security against adaptive chosen-ciphertext attacks.
When used for digital signatures, the message is encapsulated using the PKCS v1.5 
(deprecated) or PSS (Probabilistic Signature Scheme). Although there are no known 
attacks against the PKCS v1.5 (signature) encoding scheme, the PSS encoding is more 
robust, as it introduces randomness into the encoded message, so that the same 
plaintext message will, in general, produce different encoded messages.
The above schemes (PKCS v1.5, OAEP, DSS, PSS) are supported by the Cryptographic 
API through supporting RSA primitive operations. There are no specific APIs to perform 
the encapsulation of the encryptions/signatures generated by the RSA primitive 
operations.
4.4.3.3 Digital Signature Algorithm
DSA is used for signature generation and verification only. It is a digital signature 
rather than a written signature. The DSA provides the capability to generate and verify 
signatures. Signature generation makes use of a private key to generate a digital 
signature. Signature verification makes use of a public key which corresponds to, but is 
not the same as, the private key. Each user possesses a private and public key pair. 
Public keys are assumed to be known to the public in general. Private keys are never 
shared. Anyone can verify the signature of a user by employing that user's public key. 
Signature generation can be performed only by the possessor of the user's private key.
A hash function is used in the signature generation process to obtain a condensed 
version of data, called a message digest. The message digest is then input to DSA to 
generate the digital signature. The digital signature is sent to the intended verifier 
along with the signed data. The verifier of the message and signature verifies the 
signature by using the sender's public key. The same hash function must also be used 
in the verification process.
The underlying mathematical principle is Fermat's Little Theorem, which states that 
$g^{p-1} \bmod p = 1$ for p prime. Its cryptographic strength is derived from the fact that 
discrete logarithms are difficult to compute in a MODP group. As with Diffie-Hellman, DSA may be 
applied in an ephemeral manner, in which parameters are generated on the fly and 
used to create only one digital signature.
4.4.3.4 Prime Number Testing
Lookaside provides an interface to test probabilistically whether a number is prime (refer to 
the ANSI X9.80 specification for details). This is used for testing the primality of random 
numbers generated for key material. The following algorithms are supported for prime 
number sizes (in bits) 160, 512, 768, 1024, 1536, 2048, 3072 and 4096.
• GCD
• Fermat
• Miller-Rabin
• Lucas
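
The following is an added software illustration of three of the listed tests (GCD, Fermat, Miller-Rabin); it is not code from this manual and does not use the QuickAssist API. It shows why a key-generation routine should not rely on the Fermat test alone: a Carmichael number passes both the GCD screen and the Fermat test but is rejected by Miller-Rabin. The function names, the small-prime bound of 50, the 40-round default and the sample values are assumptions, and the Lucas test is omitted.

```python
import math
import secrets

# Odd primes below 50; a single gcd against their product replaces 14 trial divisions.
SMALL_PRIMES = (3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47)
SMALL_PRODUCT = math.prod(SMALL_PRIMES)

def gcd_test(n):
    """True if n shares no factor with the small-prime product."""
    return math.gcd(n, SMALL_PRODUCT) == 1

def fermat_test(n, base=2):
    """True if base^(n-1) mod n == 1; Carmichael numbers pass for every coprime base."""
    return pow(base, n - 1, n) == 1

def miller_rabin_test(n, bases):
    """True if odd n > 2 is a strong probable prime to every base given."""
    d, s = n - 1, 0
    while d % 2 == 0:                 # write n - 1 = 2^s * d with d odd
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False              # base a is a witness: n is composite
    return True

def is_probable_prime(n, rounds=40):
    """Screen a candidate: cheap tests first, randomized Miller-Rabin last."""
    if n < 50:
        return n == 2 or n in SMALL_PRIMES
    if n % 2 == 0 or not gcd_test(n) or not fermat_test(n):
        return False
    bases = [2 + secrets.randbelow(n - 3) for _ in range(rounds)]  # each in [2, n-2]
    return miller_rabin_test(n, bases)

# Constructed sample inputs (not from the manual).
CARMICHAEL = 211 * 421 * 631          # 56052361, composite with no factor below 50
P160 = 2**160 - 2**31 - 1             # 160-bit prime (the secp160r1 field prime)

if __name__ == "__main__":
    for name, n in (("CARMICHAEL", CARMICHAEL), ("P160", P160)):
        print(name, gcd_test(n), fermat_test(n), miller_rabin_test(n, [2]), is_probable_prime(n))
```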