Mailing List Archive: GnuPG: gcrypt

There is a maximum size of data to encrypt using RSA?

Index | Next | Previous | View Threaded

contato at tiago

Aug 2, 2012, 7:11 AM

Post #1 of 3 (265 views)
Permalink

There is a maximum size of data to encrypt using RSA?

I am trying to encrypt a block of 1249 bytes with RSA, but when I use
/gcry_sexp_build/ to build a s-expression to be encrypted the function
return an empty s-expression.

But when I use a smaller block of bytes (like 20 or 100)
/gcry_sexp_build/ works well....

To build a s-expression I am using this:

gcry_sexp_build(&raw_data, &errorff, "(data (flags pkcs1) (value %b))",
data_size, d.data);

where /d.data/ is a /unsigned char */ and /data_size/ is an integer with
the number of bytes in /d.data/.

Am I doing something wrong? Or Libgcrypt can not manipulate this amount
of data.

--

Tiago de França Queiroz

Universidade Federal do ABC - UFABC
Bacharelando em Ciências e Tecnologia
Bacharelando em Ciências da Computação

wk at gnupg

Aug 2, 2012, 11:05 AM

Post #2 of 3 (244 views)
Permalink

Re: There is a maximum size of data to encrypt using RSA? [In reply to]

On Thu, 2 Aug 2012 16:11, contato [at] tiago said:

> I am trying to encrypt a block of 1249 bytes with RSA, but when I use
> /gcry_sexp_build/ to build a s-expression to be encrypted the function
> return an empty s-expression.

You can't do this unless you have a huge key (e.g. 16k bit). I suggest
to read a text book on practical implementation of public key
cryptography. For example

@Book{Fer:03:PC,
author = "Niels Ferguson and Bruce Schneier",
title = "Practical Cryptography",
language = "USenglish",
edition = "first",
publisher = pub-WIL,
address = pub-WIL:adr,
pages = "xx + 410",
year = "2003",
ISBN = "0-471-22357-3",
URL = "http://www.macfergus.com/pc/"
}

there should also be similar courses available online. The old Schneier
book

@Book{Sch:96:AC,
author = "Bruce Schneier",
title = "Applied Cryptography",
language = "USenglish",
edition = "second",
publisher = pub-WIL,
address = pub-WIL:adr,
pages = "xxiii + 758",
year = "1996",
ISBN = "0-471-11709-9",
}

gives a good overview and a still good reference is the online available
HAC:

@Book{Men:96:HAC,
author = "Alfred J. Menezes and Paul van Oorschot and
Scott Vanstone",
title = "Handbook of Applied Cryptography",
language = "USenglish",
publisher = pub-CRC,
address = pub-CRC:adr,
pages = "xxvii + 780",
year = "1996",
ISBN = "0-8493-8523-7",
keywords = "cryptograpy",
}

And while I am at it: Everyone in our business should have read this
book:

http://www.cl.cam.ac.uk/~rja14/book.html

> Am I doing something wrong? Or Libgcrypt can not manipulate this amount
> of data.

It is one of the basic PKCS#1 checks it does. However, in general
Libgcrypt does not protect you from doing entirely wrong stuff.

Salam-Shalom,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel

bradh at frogmouth

Aug 3, 2012, 3:54 AM

Post #3 of 3 (241 views)
Permalink

Re: There is a maximum size of data to encrypt using RSA? [In reply to]

On Friday 03 August 2012 00:11:27 Tiago Queiroz wrote:
> I am trying to encrypt a block of 1249 bytes with RSA, but when I use
> gcry_sexp_build to build a s-expression to be encrypted the function
> return an empty s-expression.
Please don't try to do very low level crypto (like this) without detailed
understanding. Its very easy to make a mistake that completely destroys the
security of the system and not know.

A higher level implementation (e.g. PGP/GnuPG) would be a much better
approach.

Brad

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads