Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to encrypt/decrypt long input messages with RSA? [Openssl, C]

Tags:

c

openssl

cryptography

rsa

encryption

I wrote a simple test program that encrypts/decrypts a message.

I have a keylength:

int keylength = 1024; // it can also be 2048, 4096

and max input length:

int maxlen = (keylength/8)-11;

and I know that my input size should be < than maxlen, something like this:

if(insize >= maxlen)
        printf("cannot encrypt/decrypt!\n");

My question is simple - is it possible (if so, how can I do this) to encrypt/decrypt with RSA messages LONGER than maxlen?

Main code is also, very simple but works only when insize < maxlen:

   if((encBytes=RSA_public_encrypt(strlen(buff1)+1, buff1, buff2, keypair, RSA_PKCS1_PADDING)) == -1)
    {
        printf("error\n");
    }

    if((decBytes=RSA_private_decrypt(encBytes, buff2, buff3, keypair, RSA_PKCS1_PADDING)) == -1)
    {
        printf("error\n");
    }
like image 393
ivy Avatar asked Oct 13 '13 10:10

ivy

2 Answers

Encrypting long messages requires combined scheme - RSA algorithm encrypts session key (i.e. AES key), and data itself is encrypted with that key. I would recommend to not invent another bicycle and use well established scheme, i.e. PKCS#7/CMS or OpenPGP, depending on your needs.

like image 104
Nickolay Olshevsky Avatar answered Nov 14 '22 22:11

Nickolay Olshevsky

You would be able to encrypt long messages with RSA the same way as it is done with block ciphers. That is, encrypt the messages in blocks and bind the blocks with an appropriate chaining mode. However, this is not the usual way to do it and you won't find support for it (RSA chaining) in the libraries you use.

Since RSA is quite slow, the usual way to encrypt large messages is using hybrid encryption. In hybrid encryption you use a fast symmetric encryption algorithm (like AES) for encrypting the data with a random key. The random key is then encrypted with RSA and send along with the symmetric key encrypted data.

EDIT:

As fore your implementation, you have insize = 1300 and keylength = 1024 which gives maxlen = 117. To encrypt the full message you those needs 12 encrypts, that each produce 128 bytes, giving an encrypted size of 1536 bytes. In your code you only allocates buffers of 1416 bytes. Also, you don't seem to allow for 128 bytes output as you only increment with 117 in:

RSA_public_encrypt(maxlen, buff1+i, buff2+i, keypair, RSA_PKCS1_PADDING)

and 

i += maxlen;
like image 28
Ebbe M. Pedersen Avatar answered Nov 14 '22 23:11

Ebbe M. Pedersen
Sign in to Comment

Related questions

Why is padding added for multiple data members of structures and not for single members?
Install & Compile ZeroMQ/ZMQ/0MQ on Ubuntu 12.04 32bit
How to access pointer members in a Struct variable in C?
What's meaning of these volatile with pointers in C ?
Is it possible to hardcode shared library position in C program?
Buffer Overflow not working
What is the most efficient way to monitor the number of context switches in linux kernel?
unsigned integers in C [closed]
OpenCV finding picture (frame) in video
Different execution orders cause differences in performance of a Pthread program
Why dereferencing a NSString pointer is not necessary?
What happens if we bitwise shift an integer more than its size [duplicate]
Is there a full memory barrier around sem_post(sem_t * sem) and sem_wait(sem_t * sem)?
How to use a scanf width specifier of 0?
glibc - list and other data structures implementations
Coding multiple pipe in C
Send struct over socket in C
Correct way of unrolling loop using gcc
For loop macro which unrolled on the pre-processor phase?
C Macro - was not declared in this scope error

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!