Common Data Security Architecture (CDSA) White Paper

Cryptography Service Provider (CSP) API
Figure 1-5 Dual Asymmetric Key Algorithm
Symmetric Key Algorithm
Because asymmetric key algorithms are computationally very expensive, symmetric key
algorithms (which use the same key to encrypt and decrypt) are used to bulk-encrypt the
data. In this example, an asymmetric key algorithm is used to encrypt only the symmetric
key.
[1] A chooses a symmetric key algorithm (such as RC2 or RC4) and uses it to generate a
symmetric key to bulk-encrypt A’s data.
[2] A then uses B’s public key to encrypt the symmetric key. A sends both the encrypted
symmetric key and the bulk-encrypted data to B.
[3] B uses B’s private key to decrypt the symmetric key.
[4] B uses the symmetric key to decrypt A’s encrypted data.
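
Steps [1] to [4] as an added Ruby example (not from the white paper), using Ruby's bundled OpenSSL binding. It assumes RSA-OAEP for the asymmetric step and AES-256-GCM in place of the RC2 or RC4 the paper names, which are no longer recommended; `seal`, `open_envelope` and the envelope field names are hypothetical.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING
TAG_LEN = 16 # full-length GCM authentication tag

# A's side, steps [1] and [2]: bulk-encrypt the data under a fresh symmetric
# key, then encrypt only that key with B's public key.
def seal(b_public, data)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  key = cipher.random_key # step [1]: one-time symmetric key
  nonce = cipher.random_iv
  cipher.auth_data = ''
  ciphertext = cipher.update(data) + cipher.final
  { wrapped_key: b_public.public_encrypt(key, OAEP), # step [2]
    nonce: nonce, tag: cipher.auth_tag, ciphertext: ciphertext }
end

# B's side, steps [3] and [4]. Raises if the wrapped key or the data was altered.
def open_envelope(b_private, env)
  # Reject shortened tags before handing them to OpenSSL.
  raise ArgumentError, 'truncated tag' unless env[:tag].bytesize == TAG_LEN
  key = b_private.private_decrypt(env[:wrapped_key], OAEP) # step [3]
  cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  cipher.key = key
  cipher.iv = env[:nonce]
  cipher.auth_tag = env[:tag]
  cipher.auth_data = ''
  cipher.update(env[:ciphertext]) + cipher.final # step [4]
end

if __FILE__ == $PROGRAM_NAME
  b = OpenSSL::PKey::RSA.new(2048) # B's key pair, constructed for the demo
  env = seal(b.public_key, "A's data (constructed sample)")
  puts open_envelope(b, env)
end
```

Only the 32-byte symmetric key passes through the RSA operation, so the cost of the asymmetric step stays constant however large A's data is.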
[Figure: diagram of the exchange between A and B, labeled with A’s data, A’s encrypted data, B’s public key, and B’s private key]