In OAuth: use MAC-SHA1 or RSA-SHA1?

Submitted by 一笑奈何 on 2019-12-25 08:30:55

Question


Concerning OAuth, what is the most suitable cryptography/encryption method to use: HMAC-SHA1 or RSA-SHA1?

Thanks.


Answer 1:


After looking, it seems that HMAC is much faster and better in terms of security even if the underlying hash function (SHA1) is broken, which is not the case when using RSA-SHA1.




Answer 2:


In cryptography you normally go for a symmetric scheme - such as HMAC - over an asymmetric scheme - such as RSA for signing - if that is possible within the protocol. In general asymmetric primitives such as RSA (with either the v1.5 or OAEP padding scheme) are slow. They are also more prone to timing and power analysis attacks.

There are, however, things you can do with asymmetric algorithms that you simply cannot do with symmetric primitives. Building a PKI (certificates) is probably the most obvious one. So regarding key management, asymmetric primitives have the upper hand. If you get into a situation where, e.g., you have to distribute one symmetric key over multiple participants, then you are probably in trouble.

So choose symmetric algorithms if you can get away with it within your protocol.
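The HMAC-SHA1 option discussed in the answers, as an added example that is not part of the original question or answers: it builds the OAuth 1.0 signature base string (RFC 5849) and signs it with the shared secrets, showing that the verifier needs the same key as the signer. The URL, parameters and secrets are constructed sample values, and the URL is assumed to be already normalized.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote

def pct(s):
    # RFC 5849 section 3.6: only unreserved characters stay unescaped.
    return quote(s, safe="-._~")

def base_string(method, url, params):
    # METHOD & encoded URL & encoded, sorted parameter list.
    # Assumes url is already normalized and params excludes oauth_signature.
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])

def sign_hmac_sha1(method, url, params, consumer_secret, token_secret=""):
    # The HMAC key is the two shared secrets joined by "&".
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    msg = base_string(method, url, params).encode()
    return base64.b64encode(hmac.new(key, msg, hashlib.sha1).digest()).decode()

def verify_hmac_sha1(method, url, params, signature, consumer_secret, token_secret=""):
    # Verification recomputes the MAC with the same key, so every verifier
    # can also sign. compare_digest keeps the comparison constant-time.
    expected = sign_hmac_sha1(method, url, params, consumer_secret, token_secret)
    return hmac.compare_digest(expected, signature)

def demo():
    # Constructed sample request and secrets (not real credentials).
    url = "https://api.example.com/v1/photos"
    params = {"oauth_consumer_key": "ck", "oauth_nonce": "n0nce",
              "oauth_signature_method": "HMAC-SHA1",
              "oauth_timestamp": "1577262655", "size": "a b"}
    sig = sign_hmac_sha1("POST", url, params, "consumer-secret", "token-secret")
    genuine = verify_hmac_sha1("POST", url, params, sig, "consumer-secret", "token-secret")
    tampered = verify_hmac_sha1("POST", url, dict(params, size="x"), sig,
                                "consumer-secret", "token-secret")
    wrong_key = verify_hmac_sha1("POST", url, params, sig, "other-secret", "token-secret")
    return sig, genuine, tampered, wrong_key

if __name__ == "__main__":
    print(demo())
```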



Source: https://stackoverflow.com/questions/20263490/in-oauth-use-mac-sha1-or-rsa-sha1
