什么是 RSA & DSA

phpor

RSA and DSA(Digital Signature Algorithm) are two different algorithms. RSA can be used both for encrypting and signing, while DSA can only be used for signing. I think DSA is considered more secure if you just want to sign stuff, but I'm not sure about that.
Indeed, it is normal behaviour for it to ask for the passphrase every time. The passphrase is the key for the symmetric cipher that the key is encrypted with, so SSH can't decrypt the key for usage if you don't specify the passphrase. You can change the passphrase with "ssh-keygen -p". You can even choose not to have a passphrase, which is convienent for jumping between computers without using a password. Of course, it's bad if someone would get your private key, since they would be able to do the same, but as long as you keep your secret key in a safe place and unreadable for other users than yourself, you're safe.

What is RSA?
RSA is a public-key cryptosystem for both encryption and authentication; it was invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman
[RSA78]
. It works as follows: take two large primes, p and q, and find their product n = pq ; n is called the modulus. Choose a number, e, less than n and relatively prime to (p-1)(q-1), which means that e and (p-1)(q-1) have no common factors except 1. Find another number d such that (ed - 1) is divisible by (p-1)(q-1). The values e and d are called the public and private exponents, respectively. The public key is the pair (n,e); the private key is (n,d). The factors p and q maybe kept with the private key, or destroyed.
It is difficult (presumably) to obtain the private key d from the public key (n,e). If one could factor n into p and q, however, then one could obtain the private key d. Thus the security of RSA is related to the assumption that factoring is difficult. An easy factoring method or some other feasible attack would "break" RSA (see
Question 10
and
Question 46
).
Here is how RSA can be used for privacy and authentication (in practice, the actual use is slightly different; see
Question 16
and
Question 17
):
RSA privacy (encryption): Suppose Alice wants to send a message m to Bob. Alice creates the ciphertext c by exponentiating: c = me mod n, where e and n are Bob's public key. She sends c to Bob. To decrypt, Bob also exponentiates: m = cd mod n; the relationship between e and d ensures that Bob correctly recovers m. Since only Bob knows d, only Bob can decrypt.
RSA authentication: Suppose Alice wants to send a message m to Bob in such a way that Bob is assured that the message is authentic and is from Alice. Alice creates a digital signature s by exponentiating: s = md mod n, where d and n are Alice's private key. She sends m and s to Bob. To verify the signature, Bob exponentiates and checks that the message m is recovered: m = se mod n, where e and n are Alice's public key.
Thus encryption and authentication take place without any sharing of private keys: each person uses only other people's public keys and his or her own private key. Anyone can send an encrypted message or verify a signed message, using only public keys, but only someone in possession of the correct private key can decrypt or sign a message.


本文来自ChinaUnix博客，如果查看原文请点：http://blog.chinaunix.net/u1/53398/showart_474784.html