At 12:30 PM 4/8/2003 -0700, you wrote:

Yeh, you mean read and write in chunks like you do in stdio. But to make it secure, you need to add some random data to the message, or successive messages can open you to differential attacks, no?


RSA takes an RNG, which you should be passing as a param when you instantiate the Encrypt/Decrypt object (Are you using 5.1?). The difference in fixedMaxPlainTextLength and the fixedMaxCipherTextLength is the random padding that makes two encryptions of the same message completely different. So, you are adding your own "noise" in, which is fine, but should not be necessary.

michael

Reply via email to