RSA-DES hybrid method

from Wikipedia, the free encyclopedia

The RSA-DES hybrid method (abbreviated RDH, RSA-DES hybrid) is a hybrid encryption method in which the symmetric Triple DES method and the asymmetric RSA method are used together.

Procedure

For applications in electronic banking (see HBCI and FinTS), the message to be transmitted is encrypted with two keys using the Triple DES method. One of the keys is read from a security medium, either a chip card (all security profiles RDH1 to RDH4) or a key disk (only RDH1 and RDH2), while the second key is a random number generated for each message. This session key is padded to a length of up to 2048 bits (RDH3 and RDH4), encrypted with the RSA public key of the recipient (in home banking, this is the bank), and transmitted together with the message.
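The hybrid principle described above, as an added example using the OpenSSL command line (not code from HBCI/FinTS or from the original article). It simplifies to a single random three-key Triple DES session key; the OAEP padding mode, the CBC mode and all file names are assumptions of this example, since the article does not specify them.

```shell
#!/bin/sh
# Added illustration: per-message Triple DES session key, wrapped with the
# recipient's RSA public key. File names and padding mode are assumptions.
set -eu

# Recipient (the bank): RSA key pair; 2048 bits is the upper length named above.
make_recipient_key() {   # $1 = working directory
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$1/bank.key" 2>/dev/null
  openssl pkey -in "$1/bank.key" -pubout -out "$1/bank.pub"
}

# Sender: fresh session key for every message, then wrap it for the recipient.
seal() {   # $1 = working directory, $2 = plaintext file
  openssl rand -out "$1/session.bin" 24          # 24 bytes = three-key 3DES
  openssl rand -hex 8 > "$1/msg.iv"              # 64-bit block, so 8-byte IV
  key=$(od -An -v -tx1 "$1/session.bin" | tr -d ' \n')
  openssl enc -des-ede3-cbc -K "$key" -iv "$(cat "$1/msg.iv")" \
    -in "$2" -out "$1/msg.enc"
  # RSA-encrypt the session key; the padding expands it to the modulus length.
  openssl pkeyutl -encrypt -pubin -inkey "$1/bank.pub" \
    -pkeyopt rsa_padding_mode:oaep -in "$1/session.bin" -out "$1/key.wrapped"
  rm -f "$1/session.bin"                         # only the wrapped key is sent
}

# Recipient: unwrap the session key with the private key, then decrypt.
open_envelope() {   # $1 = working directory; prints the plaintext
  openssl pkeyutl -decrypt -inkey "$1/bank.key" \
    -pkeyopt rsa_padding_mode:oaep -in "$1/key.wrapped" -out "$1/key.out"
  key=$(od -An -v -tx1 "$1/key.out" | tr -d ' \n')
  rm -f "$1/key.out"
  openssl enc -d -des-ede3-cbc -K "$key" -iv "$(cat "$1/msg.iv")" \
    -in "$1/msg.enc"
}

# Demo run on a constructed message.
demo_dir=$(mktemp -d)
make_recipient_key "$demo_dir"
printf 'constructed sample transfer order\n' > "$demo_dir/msg.txt"
seal "$demo_dir" "$demo_dir/msg.txt"
open_envelope "$demo_dir"
rm -rf "$demo_dir"
```

The transmitted parts are `msg.enc`, `msg.iv` and `key.wrapped`; the wrapped key is always as long as the RSA modulus (256 bytes here), regardless of the session key length.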

Security profiles

When RDH is used as part of the HBCI security procedure, four security profiles, RDH-1 to RDH-4, are described, which differ in a number of parameters (RSA key length, padding, hash function, signature algorithm). RDH-1 works with a key length of 708–768 bits, all other profiles with 1024–2048 bits. Only signature cards are permitted as the security medium for the recommended security profiles RDH-3 and RDH-4.
