
Large data not encrypted with RSA Encryption

My Problem:

My encryption code works fine for fewer than 64 characters, but if the message exceeds 64 characters I get the following error:

javax.crypto.IllegalBlockSizeException: input must be under 64 bytes

Encryption code

        cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        encryptedBytes = cipher.doFinal(message.getBytes(StandardCharsets.UTF_8));
        rsaEncrypted= Base64.encodeToString(encryptedBytes, Base64.NO_WRAP);

Key generation code

      KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
      keyGen.initialize(512);
      KeyPair keypair = keyGen.genKeyPair();
      PublicKey pub = keypair.getPublic();
      byte[] pubs = pub.getEncoded();

My question:

Is it possible to encrypt large text with a 512-bit key? Is there any mistake in my code?

Note: If anyone wants the full code, I will update later.

Ranjithkumar asked Aug 09 '18 08:08




2 Answers

The number of bytes you can encrypt in one RSA block is dictated by the key size used minus any bytes taken up for padding.

Generally RSA is not suited for bulk encryption as it's quite slow. Instead use a symmetric encryption algorithm like AES if you can. If you really need the two keys of RSA, use a hybrid approach where you encrypt the data with a random symmetric key, and then encrypt that key with the RSA key.

A benefit of using symmetric encryption is also that the libraries automatically support bulk encryption, which they don't for RSA.

Ebbe M. Pedersen answered Nov 15 '22 20:11


Here is a direct quote from the seminal book titled Cryptography Engineering by Ferguson, Schneier, and Kohno,

Encrypting a message is the canonical application of RSA, yet it is almost never used in practice. The reason is simple: the size of the message that can be encrypted using RSA is limited by the size of n. In real systems, you cannot even use all the bits, because the encoding function has an overhead. This limited message size is too impractical for most applications, and because the RSA operation is quite expensive in computational terms, you don’t want to split a message into smaller blocks and encrypt each of them with a separate RSA operation.

In other words, for an n-bit RSA key, the maximum length of data RSA can encrypt in bytes is

Floor(n/8) - 11 

where 11 bytes is for padding

So for a key size of 512 bits, the maximum length of data that can be encrypted is,

512/8 - 11 = 53 bytes

Again from the book Cryptography Engineering,

The solution used almost everywhere is to choose a random secret key K, and encrypt K with the RSA keys. The actual message m is then encrypted with key K using a block cipher or stream cipher. So instead of sending something like E_RSA(m), you send E_RSA(K), E_K(m).

Basically, it's telling you to do the following to get over the limitation of RSA,

  1. Generate a secret key, K, using an algorithm such as AES.
  2. Encrypt the plaintext, m, with the newly generated secret key to get the cipher text, say E_K(m).
  3. Encrypt the secret key with an RSA public key, E_RSA(K).
  4. Send the client the cipher text, E_K(m), and the encrypted key E_RSA(K).
  5. The client can decrypt E_RSA(K) with the RSA private key to get K.
  6. The client then decrypts the cipher text, E_K(m), with K to get m.

Indra Basak answered Nov 15 '22 19:11
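
The hybrid scheme both answers describe, as an added Java example that is not part of the question or either answer. It assumes a 2048-bit RSA key rather than the question's 512-bit one, AES-256-GCM as the symmetric cipher, and OAEP in place of the question's PKCS1Padding; the class name and the three-element return layout are hypothetical.

```java
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

public class HybridEncryptionExample {
    // OAEP with SHA-256 for both the digest and MGF1, stated explicitly so
    // every provider uses the same parameters.
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    // Returns { E_RSA(K), GCM nonce, E_K(m) }.
    static byte[][] encrypt(PublicKey pub, byte[] m) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey k = kg.generateKey();                 // step 1: fresh random K

        byte[] nonce = new byte[12];                    // never reuse a nonce under one K
        new SecureRandom().nextBytes(nonce);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, k, new GCMParameterSpec(128, nonce));
        byte[] ekm = aes.doFinal(m);                    // step 2: E_K(m), any length

        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPPadding");
        rsa.init(Cipher.ENCRYPT_MODE, pub, OAEP);
        byte[] ersaK = rsa.doFinal(k.getEncoded());     // step 3: RSA sees only 32 bytes
        return new byte[][] { ersaK, nonce, ekm };      // step 4: send all three
    }

    static byte[] decrypt(PrivateKey priv, byte[][] env) throws GeneralSecurityException {
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPPadding");
        rsa.init(Cipher.DECRYPT_MODE, priv, OAEP);
        SecretKey k = new SecretKeySpec(rsa.doFinal(env[0]), "AES");   // step 5
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, k, new GCMParameterSpec(128, env[1]));
        return aes.doFinal(env[2]);                     // step 6: throws if tampered
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);                           // assumption: not the question's 512
        KeyPair kp = kpg.generateKeyPair();
        byte[] m = new byte[5000];                      // constructed 5000-byte message
        Arrays.fill(m, (byte) 'a');
        byte[][] env = encrypt(kp.getPublic(), m);
        System.out.println("wrapped key bytes: " + env[0].length);
        System.out.println("round trip ok: " + Arrays.equals(m, decrypt(kp.getPrivate(), env)));
    }
}
```

The RSA operation only ever handles the 32-byte AES key, so the message length no longer depends on the RSA modulus size.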