Chuck Pareto wrote: > My group is using RSA with a key thats 2048 in size. > We want to encrypt strings that are longer then this > key size gives. > If we switch to a key that is 4096 what is the max > string length we can encrypt? is it double?
No, no! You are doing this all wrong! RSA is an algorithm that defines a mathematical operation sometimes called "encryption", and it bears a superficial resemblance to actual encryption algorithms actually use it to encrypt data you want to keep secret. But the RSA primitive operations have to be assembled by cryptographic experts into complete recipes that create a actual encryption algorithm that can meet real security requirements. There are numerous known defects in RSA "encryption" that prevent it from being used directly as an encryption algorithm. As a trivial example, consider messages to attack a target. One day you send a message "attack tomorrow". This message is intercepted, but the enemy cannot make sense of it. Two days later, the enemy intercepts the same ciphertext (because the algorithm is deterministic). He now knows that you will attack tomorrow. There's also Johan HÃ¥stad's attack based on the Chinese remainder theorem. And many others, including a devastating chosen-ciphertext attack. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
