* David Schwartz wrote:
But can I use e.g. a 1024 bit key pair with a block size of 116 byte,
that is not depending on the problem shown above, isn't it?!
What is the security reason, why not to do this?

That would seriously weaken the security properties.
http://en.wikipedia.org/wiki/RSA
Read the section on padding schemes. An attacker that can predict the
plaintext can break the encryption. A 116 byte plaintext may not be
sufficiently unpredictable to preserve the level of security you expect
from a 1,024 bit key. (RSA is 100% deterministic.)

Oh yes, RSA is a deterministic encryption method. To protect RSA from a
known-plaintext attack, a random padding string is used, right? How
secure is it, or do you say that for 116 bytes of disc space I have to
use a probabilistic encryption system, like ElGamal?
But OpenSSL cannot do ElGamal encryption. Hmm...

RSA cannot be used securely except by experts (because it has too many
internal weaknesses that must be carefully worked around by the
surrounding system). I strongly urge you to either use a pre-designed
scheme around RSA or to employ an expert. There are simply too many ways
you can go wrong.

What do you suggest? I want to store some encrypted data on this 116
byte sized disc. I want to use an asymmetric encryption system with only
one key pair for many such 116 byte discs, used by many people. Think of
two-factor authentication with a smartcard without cryptographic
functions (a passive storage).
Hmm, I think I have to use some probabilistic (asymmetric) encryption
method...
Thanks a lot!
Philippe
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
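
Added example, not part of the original thread or of OpenSSL: it shows why deterministic (unpadded) RSA lets anyone holding the public key confirm a guessed 116-byte plaintext, and how the random padding string of a PKCS#1 v1.5 encryption block defeats that comparison. Assumptions: the key is a constructed toy key built from two Mersenne primes (a 1128-bit modulus, not the 1,024-bit key discussed), the records are constructed sample data, and all function names are hypothetical.

```python
import secrets

# Constructed toy key so the demo runs offline: two Mersenne primes.
# Never use such primes for a real key.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # modulus length in bytes (141)

# Constructed 116-byte records with little entropy: only the PIN varies.
RECORDS = [f"user=alice;pin={p:04d}".encode().ljust(116, b".") for p in range(50)]

def encrypt_raw(msg: bytes) -> int:
    """Textbook RSA, c = m^e mod n: same input always gives same output."""
    m = int.from_bytes(msg, "big")
    if m >= N:
        raise ValueError("message too long")
    return pow(m, E, N)

def pad_type2(msg: bytes) -> bytes:
    """PKCS#1 v1.5 encryption block: 00 02 <random nonzero PS> 00 <msg>."""
    ps_len = K - 3 - len(msg)
    if ps_len < 8:
        raise ValueError("message too long for this modulus")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))
    return b"\x00\x02" + ps + b"\x00" + msg

def encrypt_padded(msg: bytes) -> int:
    return encrypt_raw(pad_type2(msg))

def decrypt_padded(c: int) -> bytes:
    em = pow(c, D, N).to_bytes(K, "big")
    sep = em.find(b"\x00", 2)          # first zero byte after the PS
    if em[:2] != b"\x00\x02" or sep < 10:
        raise ValueError("decryption error")
    return em[sep + 1:]

def confirm_guess(ciphertext: int, candidates, encrypt) -> list:
    """Using only the public key, re-encrypt each candidate and compare."""
    return [m for m in candidates if encrypt(m) == ciphertext]

def demo():
    secret = RECORDS[37]
    raw_hits = confirm_guess(encrypt_raw(secret), RECORDS, encrypt_raw)
    pad_hits = confirm_guess(encrypt_padded(secret), RECORDS, encrypt_padded)
    return raw_hits, pad_hits          # ([secret], [])

if __name__ == "__main__":
    print(demo())
```

The hand-written padding here is only for illustration; in line with the advice in the thread, real code should call a library's padded RSA routine rather than assemble the block itself.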