RE: RSA encryption. How to use xxx_PADDING.

Reddie, Steven Thu, 16 Nov 2000 17:33:43 -0800
Sounds a little confusing.  If there's no easy way to tell at decryption
time which blocks use which padding type then you've got a problem.  If you
don't mind potentially having an extra block, perhaps you should use
PKCS1_PADDING for all blocks (ie. encrypt the first "key size - 11 bytes",
then the next, ...).  At least this way you know that you always use
PKCS1_PADDING.

Also, you can't just blindly encrypt a block of data that is the same size
as the key.  The data must be less than the modulus, not just in size but in
value.  For example you cannot encrypt a block when the highest significant
byte of your modulus is 0x53 and the highest significant byte of your data
is 0x54.  For this reason, it's always wise to use padding, as well as for
the increased security.  If you really must use no padding, then grabbing
the number of bytes equal to the keylength is not good enough, you will have
to then compare the BIGNUM values and drop a byte of data if it's bigger
than the modulus.

Just use padding.

> -----Original Message-----
> From: Fedor Utenkov [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, November 16, 2000 7:02 PM
> To:   [EMAIL PROTECTED]
> Subject:      RSA encryption. How to use xxx_PADDING.
> 
> Hello all,
> 
>   I'm  new  to  encryption. I'm using an OpenSSL 0.9.6 to encrypt data
>   using  RSA.  The  data  length  is  about  4  times  longer  against
>   RSA_size()  of my key. To encrypt all data I split it to blocks with
>   length  equal  to  key  size and encrypt one by one w/o PADDING. The
>   last  block,  if  its  length less than key size should be encrypted
>   with  XXX_PADDING.  But, for example, PKCS1_PADDING needs to have at
>   least  11  bytes  difference between data and key lengths. So if for
>   the  last  data  block  length difference less than 11 bytes, I must
>   split   this block again to have 2 blocks with difference greater 11
>   to  encrypt all data. Finally on the decryption step I don't know if
>   there  are  2  or  1  PADDED  blocks at the end of data. Currently I
>   decrypt  data  till the two blocks remaining. Then try decrypt block
>   before  last  with  PADDING  and if error occurs (possible block was
>   encrypted  without PADDING) try to decrypt it w/o PADDING (typically
>   decrypts ok). The same situation with the last block.
> 
>   So I have a question. Is my schema write or it is another more clear
>   way to use RSA cipher with OpenSSL library ?
> 
> Best regards,
> Fedor Utenkov
> ABG Card Technology
> mailto:[EMAIL PROTECTED]
> 
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> Development Mailing List                       [EMAIL PROTECTED]
> Automated List Manager                           [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
RE: RSA encryption. How to use xxx_PADDING.

Reply via email to
