crypto++ RSA public key encryption with long plaintext

我们两清 提交于 2019-12-22 11:15:10

问题


i am trying to encrypt/decrypt some long text with RSA public/private key encryption using cryptopp. I found many examples including the official on http://www.cryptopp.com/wiki/RSA but all of the examples have one problem:

They only allow me to encrypt data that is a bit shorter then the key size.

So the question is: Do i really have to split the data and encrypt block for block myself, or does crypto++ already provide some functions to handle this (like GCM or CFB modes on AES encryption)?

Thanx


回答1:


Generally you should not encrypt large plaintexts using RSA. You can use RSA-OAEP using the ECB mode of encryption, but that's extremely slow and does not give you any advantages over the more common hybrid encryption modes.

In hybrid encryption modes you simply generate a symmetric data key using a secure random number generator. Generally AES-128 bit will be sufficiently strong. You then encrypt the plaintext using this key, e.g. using AES in CBC mode; you may use a zero-IV and PKCS#7 padding. Finally you encrypt the AES key using RSA-OAEP; use either PKCS#1 v1.5 padding if OAEP cannot be used.

The reverse is obvious, decrypt the AES key, decrypt the ciphertext.

Note that you need at least 11 bytes of padding overhead (not just 1 bit) to subtract from the key size to encrypt using RSA in PKCS#1 v1.5. The padding is part of the security of RSA.


You could add integrity protection by signing and then encrypting your data. You could use AES-GCM as you propose, but note that an attacker may still encrypt any data and send it to the receiver. So AES-GCM would only provide limited integrity protection.



来源:https://stackoverflow.com/questions/20476102/crypto-rsa-public-key-encryption-with-long-plaintext

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!