Why does RSA encrypted text give me different results for the same text

I am encrypting data with OpenSSL using RSA encryption, which works fine. My understanding of RSA is that encrypting the same data with the same public key will always give you the same result (as stated here or here).

However, using openssl I get different results every time I repeat the encryption. For example:

➜  ~  echo '30' | openssl rsautl -encrypt -inkey pub.pem -pubin | shasum
11b6e058273df1ebe0be5e0596e07a6c51724ca0  -
➜  ~  echo '30' | openssl rsautl -encrypt -inkey pub.pem -pubin | shasum
05cb82595f7429ef196189f4e781088597d90eee  -

So why is the output not unique? Is it because I got the RSA encryption wrong or because openssl does some additional magic?

Actually I am trying to design a database which stores only RSA encrypted data. I would like to do searches on the hashsums of the encrypted information, which is impossible if the encryption procedure by itself is not unique.

psibar asked May 01 '13 19:05



2 Answers

A secure RSA encryption is implemented with an appropriate padding scheme, which includes some randomness. See PKCS#1 or OAEP for more details.

The RSA encryption encrypts the message padded with '0's and a string of random bits. In the process, the random string is "hidden" in the ciphertext by cryptographic hashing and XORing. On decryption, the RSA decryption recovers the random string from the ciphertext and uses it to recover the message. This is why you get a different result with openssl rsautl for the same text message.

Chiara Hsieh answered Oct 14 '22 13:10


Ok, I got it. RSA by itself is deterministic. However, to get better security and prevent attackers from guessing the encrypted information, the encryption is done not on the pure "data" but on "data"+"some-random-pattern" (I should have read Wikipedia more carefully).

psibar answered Oct 14 '22 11:10
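The behaviour both answers describe, as an added example that is not part of the original posts: unpadded RSA is deterministic, while PKCS#1 v1.5 encryption padding (the default for `openssl rsautl`) inserts fresh random bytes on every call. It goes one step beyond the thread by showing a keyed hash of the plaintext as one way to get the equality search the question asks for; the toy key, `INDEX_KEY` and `blind_index` are assumptions made for this sketch.

```python
import hashlib, hmac, secrets

# Constructed toy key built from two Mersenne primes: demonstration only, not secure.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent
K = (N.bit_length() + 7) // 8          # modulus length in bytes (141)
INDEX_KEY = secrets.token_bytes(32)    # hypothetical secret, stored apart from the RSA key

def encrypt_raw(msg: bytes) -> bytes:
    """Textbook RSA, c = m^e mod n: no padding, so the output never changes."""
    return pow(int.from_bytes(msg, "big"), E, N).to_bytes(K, "big")

def encrypt_pkcs1_v15(msg: bytes) -> bytes:
    """PKCS#1 v1.5 encryption block: 00 02 <nonzero random bytes> 00 <msg>."""
    if len(msg) > K - 11:
        raise ValueError("message too long for this modulus")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(K - 3 - len(msg)))
    em = b"\x00\x02" + ps + b"\x00" + msg
    return pow(int.from_bytes(em, "big"), E, N).to_bytes(K, "big")

def decrypt_pkcs1_v15(ct: bytes) -> bytes:
    """Strip the padding again (not constant time; illustration only)."""
    em = pow(int.from_bytes(ct, "big"), D, N).to_bytes(K, "big")
    sep = em.find(b"\x00", 2)           # first zero byte after the random filler
    if em[:2] != b"\x00\x02" or sep < 10:
        raise ValueError("decryption error")
    return em[sep + 1:]

def blind_index(msg: bytes) -> str:
    """Deterministic keyed hash of the plaintext, stored beside the ciphertext for lookups."""
    return hmac.new(INDEX_KEY, msg, hashlib.sha256).hexdigest()

def demo(msg: bytes = b"30\n") -> dict:
    c1, c2 = encrypt_pkcs1_v15(msg), encrypt_pkcs1_v15(msg)
    return {
        "padded_differ": c1 != c2,      # same input, different ciphertexts
        "both_decrypt": decrypt_pkcs1_v15(c1) == decrypt_pkcs1_v15(c2) == msg,
        "raw_equal": encrypt_raw(msg) == encrypt_raw(msg),
    }

if __name__ == "__main__":
    print(demo())
    print("index for '30':", blind_index(b"30\n"))
```

Equal plaintexts still produce equal index values, so anyone holding the index key can test guesses against short values such as `30`.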