Encryption of long strings
D. Ogranos
Ranch Hand
Posts: 214
posted 6 years ago
I'm a complete newb when it comes to using encryption (I've written some password hash methods but never used real encryption/decryption). Now one of our projects requires encrypted data. We have a crypto class which is supposed to do this, but it was written long before my time (was written by a collegue who's not around anymore). The encrypt method works fine for short strings but for longer ones it fails. I've tried to cut it down to its essentials, which are:
When run with the shortTest string, this program works fine, printing out the encrypted data length, and at the end says that the decrypted data is the same as the original data. However with the longTest string an exception is thrown in the encrypt method: "Data must not be longer than 245 bytes".
So, I googled around but the solutions I found really created more confusion than they helped. I suspect that using a mode (and padding scheme?) for the algorithm transformation might make it work for longer strings, but I couldn't find a simple WORKING example for this :/ My hope is that someone here could suggest a working combination. The algorithm should remain RSA.
Some other ideas:
 perhaps this is just a problem with the provided implementation of the RSA algorithm? And another provider might offer a working solution.
 or I could just cut long strings into parts and encrypt those.
When run with the shortTest string, this program works fine, printing out the encrypted data length, and at the end says that the decrypted data is the same as the original data. However with the longTest string an exception is thrown in the encrypt method: "Data must not be longer than 245 bytes".
So, I googled around but the solutions I found really created more confusion than they helped. I suspect that using a mode (and padding scheme?) for the algorithm transformation might make it work for longer strings, but I couldn't find a simple WORKING example for this :/ My hope is that someone here could suggest a working combination. The algorithm should remain RSA.
Some other ideas:
 perhaps this is just a problem with the provided implementation of the RSA algorithm? And another provider might offer a working solution.
 or I could just cut long strings into parts and encrypt those.
Lester Burnham
Rancher
Posts: 1337
posted 6 years ago
RSA can only be used to encrypt data that is no longer than the RSA key size. With a key size of 2048 bits that would be somewhat less than 256 bytes. You could use an even larger key size, but that would make the process rather slow  RSA isn't well suited for encrypting large data sizes. The usual approach would be to use a symmetric cipher like AES or TripleDES, and then to use RSA just to encrypt the AES/TripleDES key.
D. Ogranos
Ranch Hand
Posts: 214
posted 6 years ago
So to encrypt strings of any size and store them in the database, I would basically need two fields: one for the (symmetric) encrypted data, and one for the (asymmetric) encrypted key, correct? And the key to encrypt the data would be randomly generated?
You say this is the usual approach, are there severe disadvantages to the other method of encrypting the long string in parts and storing the concatenated results?
You say this is the usual approach, are there severe disadvantages to the other method of encrypting the long string in parts and storing the concatenated results?
posted 6 years ago
That would be one way but I would use the approach recommended in section 13.6 of "Practical Cryptography" by Fergusen and Schneier published by Wiley. In essence, this goes a little further and generates the session key from the digest of a random array of bytes. The random array of bytes is encrypted using RSA and not the actual session key.
Also, since a symmetric cipher is being used one should used CBC mode. One can then use a random initialization vector (IV) or one can use the random array of bytes to generate the IV.
All this, the RSA encrypted random vector, the iv and the symmetric encrypted data can be written to one BLOB without the need for explicit separate 'fields'.
If the clear text is only just a bit bigger than the RSA modulus then, apart from some complexity in working out how to partition your clear text, there is not a big problem with just using this approach but you must make sure you use PKCS1 padding and you will need to partition the cleartext into lengths of less than or equal to the modulus length in bytes  11 (the overhead associated with PKCS1 padding). If your clear text is very long then since RSA is a very slow algorithm then your performance could be very very poor.
D. Ogranos wrote:So to encrypt strings of any size and store them in the database, I would basically need two fields: one for the (symmetric) encrypted data, and one for the (asymmetric) encrypted key, correct? And the key to encrypt the data would be randomly generated?
That would be one way but I would use the approach recommended in section 13.6 of "Practical Cryptography" by Fergusen and Schneier published by Wiley. In essence, this goes a little further and generates the session key from the digest of a random array of bytes. The random array of bytes is encrypted using RSA and not the actual session key.
Also, since a symmetric cipher is being used one should used CBC mode. One can then use a random initialization vector (IV) or one can use the random array of bytes to generate the IV.
All this, the RSA encrypted random vector, the iv and the symmetric encrypted data can be written to one BLOB without the need for explicit separate 'fields'.
You say this is the usual approach, are there severe disadvantages to the other method of encrypting the long string in parts and storing the concatenated results?
If the clear text is only just a bit bigger than the RSA modulus then, apart from some complexity in working out how to partition your clear text, there is not a big problem with just using this approach but you must make sure you use PKCS1 padding and you will need to partition the cleartext into lengths of less than or equal to the modulus length in bytes  11 (the overhead associated with PKCS1 padding). If your clear text is very long then since RSA is a very slow algorithm then your performance could be very very poor.
Retired horse trader.
Note: doubleunderline links may be advertisements automatically added by this site and are probably not endorsed by me.
D. Ogranos
Ranch Hand
Posts: 214
Without deviation from the norm, progress is not possible  Zappa. Tiny ad:
the new thread boost feature: great for the advertiser and smooth for the coderanch user
https://coderanch.com/t/674455/ThreadBoostfeature
