Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is the limit to the amount of data that can be encrypted with RSA?

Tags:

java

cryptography

encryption

Typically it is recommended that RSA be used to encrypt a symmetric key, which is then used to encrypt the "payload".

What is the practical (or theoretical) limit to the amount of data that can be encrypted with RSA (I'm using a 2048 bit RSA keysize).

In particular, I'm wondering if it is safe to encrypt an RSA public key (256 bytes) with a (different) RSA public key? I'm using the Bouncy Castle crypto libraries in Java.

like image 602
sanity Avatar asked Apr 07 '11 15:04

sanity

People also ask

Why is RSA not suitable to encrypt large amounts of data?

Simply, RSA is very resource expensive algorithm, it takes time to generate RSA keys and to perform operations on these enormous prime numbers. As the size of data increases, the process load increases and the whole thing ends up taking too much time to complete.

Does RSA encryption increase data size?

Symmetric encryption does not increase the size of the data. The maximum asymmetric data size is 11 bytes less than the size of the key.

What is size of RSA key?

For RSA keys, the minimum size for clear RSA keys and secure RSA keys on the public key data set (PKDS) is 512 bits. The minimum size for secure RSA keys on the token key data set (TKDS) is 1024 bits and the size must be a multiple of 256.

1 Answers

For a n-bit RSA key, direct encryption (with PKCS#1 "old-style" padding) works for arbitrary binary messages up to floor(n/8)-11 bytes. In other words, for a 1024-bit RSA key (128 bytes), up to 117 bytes. With OAEP (the PKCS#1 "new-style" padding), this is a bit less: OAEP use a hash function with output length h bits; this implies a size limit of floor(n/8)-2*ceil(h/8)-2: still for a 1024-bit RSA key, with SHA-256 as hash function (h = 256), this means binary messages up to 60 bytes.

There is no problem in encrypting a RSA key with another RSA key (there is no problem in encrypting any sequence of bytes with RSA, whatever those bytes represent), but, of course, the "outer" RSA key will have to be bigger: with old-style padding, to encrypt a 256-byte message, you will need a RSA key with a modulus of at least 2136 bits.

Hybrid modes (you encrypt data with a random symmetric key and encrypt that symmetric key with RSA) are nonetheless recommended as a general case, if only because they do not have any practical size limits, and also because they make it easier to replace the RSA part with another key exchange algorithm (e.g. Diffie-Hellman).

like image 192
Thomas Pornin Avatar answered Sep 22 '22 09:09

Thomas Pornin
Sign in to Comment

Related questions

What's the point of verifying the number of times a function is called with Mockito?
Sorting the characters in a UTF-16 string in Java
Use Collectors to convert List to Map of Objects - Java
java.lang.RuntimeException: Requested enabled DevSupportManager, but DevSupportManagerImpl class was not found or could not be created
Gradle "Entry .classpath is a duplicate but no duplicate handling strategy has been set"
Should I use a Listener or Observer?
URLEncoder encode / URLDecoder decode in java (Android)
Preserving parameter/argument names in compiled java classes
How do I test with DBUnit with plain JDBC and HSQLDB without facing a NoSuchTableException?
Does Java Serialization work for cyclic references?
How do I call overloaded Java methods in Clojure
Why does Java uses heap for memory allocation? [duplicate]
Memory Consistency Errors vs Thread interference
Setting Time Format for jspinner in swings
Invoke method just before session expires
How to inject String constants easily with Weld?
Is there any way to detect an RTL language in Java?
Good uses of the finalize() method [duplicate]
add JMenuBar to a JPanel?
Why does DecimalFormat allow characters as suffix?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!