Menu
I am encrypting data with openSSL using RSA encryption, which works fine. My understanding of RSA is, that encrypting the same data with the same public key will always give you the same result (as stated here or here).
However, using openssl I get different results every time I repeat the encryption. For example:
➜ ~ echo '30' | openssl rsautl -encrypt -inkey pub.pem -pubin | shasum 11b6e058273df1ebe0be5e0596e07a6c51724ca0 - ➜ ~ echo '30' | openssl rsautl -encrypt -inkey pub.pem -pubin | shasum 05cb82595f7429ef196189f4e781088597d90eee - So why is the output not unique? Is it because I got the RSA encryption wrong or because openssl does some additional magic?
Actually I am trying to design a database which stores only RSA encrypted data. I would like to do searches on the hashsums of the encrypted information, which is impossible if the encryption procedure by itself is not unique.
323
It isn't generally used to encrypt entire messages or files, because it is less efficient and more resource-heavy than symmetric-key encryption. To make things more efficient, a file will generally be encrypted with a symmetric-key algorithm, and then the symmetric key will be encrypted with RSA encryption.
To decrypt a ciphertext C using an RSA public key we simply compute the plaintext M as: M = Cd mod N. Note that both RSA encryption and RSA decryption involve a modular exponentiation and so we would be well advised to use the Repeated Squares Algorithm if we want to make these processes reasonably efficient.
As RSA is asymmetric encryption technique, if text is encrypted using public key then for decryption we should use the private key and vice versa. Select the Decryption Algorithm. Some Algorithms need to have key size greater than 512 bits. This should be the same algorithm you had used during encryption.
A secure RSA encryption is implemented with an appropriate padding scheme, which includes some randomness. See PKCS#1 or OAEP for more details.
The RSA encryption encrypts message padded with '0's and and a string of random bit. In the process, the random string is "hidden" in the ciphertext by cryptographic hashing and XORing. On decryption, the RSA decryption recovers the random string from the ciphertext and use it to recover message. This is why you get different result with openssl rsautl for the same text message.
81
Ok, I got it. RSA by itself is deterministic. However, to get a better security and prevent attackers from guessing the encrypted information, the encryption is done not on the pure "data" but on "data"+"some-random-pattern" (I should have read wikipedia more carefully)
25
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
