I need to encrypt a 100KB file using a public key. I've been reading some posts claiming that it is not practical to directly encrypt large files using a public key, and that the preferred method is to encrypt the file using a symmetric key and then encrypt this symmetric key using the public key. It seems that a naive solution would be to break the large file to pieces and encrypt each one of them using the same public key. My question is whether and why this solution is wrong?
The hybrid approach you mention (generate a random symmetric key, use this to encrypt the data, and encrypt only the key asymmetrically) has a massive performance advantage.
You could "break the large file to pieces and encrypt each one of them using the same public key" as well, there is nothing wrong with that, but it is much slower.
If I understand you right, you want to encrypt the file with someone else's public key, to be decrypted by their private key?
The advantage of using symmetric encryption and only using public key cryptography for the (symmetric) key is performance: symmetric cryptography is computationally much less resource-intensive (trade-off: you have to keep the key secret -- and that's what the second, asymmetric step is for).
Breaking up the file adds management overhead (how can you be sure how many chunks there will be? that you have transmitted them all?) and doesn't add any security. On the contrary.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With