问题
i am trying to encrypt/decrypt some long text with RSA public/private key encryption using cryptopp. I found many examples including the official on http://www.cryptopp.com/wiki/RSA but all of the examples have one problem:
They only allow me to encrypt data that is a bit shorter then the key size.
So the question is: Do i really have to split the data and encrypt block for block myself, or does crypto++ already provide some functions to handle this (like GCM or CFB modes on AES encryption)?
Thanx
回答1:
Generally you should not encrypt large plaintexts using RSA. You can use RSA-OAEP using the ECB mode of encryption, but that's extremely slow and does not give you any advantages over the more common hybrid encryption modes.
In hybrid encryption modes you simply generate a symmetric data key using a secure random number generator. Generally AES-128 bit will be sufficiently strong. You then encrypt the plaintext using this key, e.g. using AES in CBC mode; you may use a zero-IV and PKCS#7 padding. Finally you encrypt the AES key using RSA-OAEP; use either PKCS#1 v1.5 padding if OAEP cannot be used.
The reverse is obvious, decrypt the AES key, decrypt the ciphertext.
Note that you need at least 11 bytes of padding overhead (not just 1 bit) to subtract from the key size to encrypt using RSA in PKCS#1 v1.5. The padding is part of the security of RSA.
You could add integrity protection by signing and then encrypting your data. You could use AES-GCM as you propose, but note that an attacker may still encrypt any data and send it to the receiver. So AES-GCM would only provide limited integrity protection.
来源:https://stackoverflow.com/questions/20476102/crypto-rsa-public-key-encryption-with-long-plaintext