When talking about asymmetric encryption it is often said that due to some reasons

Question

0

Asked: June 16, 20262026-06-16T07:30:43+00:00 2026-06-16T07:30:43+00:00

When talking about asymmetric encryption it is often said that due to some reasons

0

When talking about asymmetric encryption it is often said that due to some reasons you should not encrypt your entire message asymmetrically, e.g. performance considerations.

The usually suggested workflow is:

Create a random key for symmetric encryption
Encrypt the message using this random key
Encrypt the random key using asymmetric encryption
Send the encrypted message and the encrypted key to the recipient

So far, so good.

Just two questions:

How do I send the encrypted message and the encrypted key in combination? Is there a standard for that? Or am I completely free on how to do this? (I’d prefer a standard if there is one).
Is there any best practice on how to create the random key? To be more specific: Is there a specific function in OpenSSL that should be used for that?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-16T07:30:45+00:00

Editorial Team

2026-06-16T07:30:45+00:00Added an answer on June 16, 2026 at 7:30 am

This was answered in comments. I would better recommend to check OpenPGP – it is somehow easier to understand, CMS has a huge ASN.1 structures overload.
Random key just should be completely random byte string, generated from good random source.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

When talking about asymmetric encryption it is often said that due to some reasons

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply