Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

RSA encryption

 
Christopher Chan
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey guys i need to encrypt FILES OF ANY EXTENSION using RSA without a size limit.
I know RSA isn't suppose to be used for large files but my supervisor is insisting on it.
Can you guys please enlighten me on how to do it? much thanks in advance.


This is the code i used to encrypt and decrypt. it allows me to encrypt and decrypt small text files, however i am unable to encrypt big files like pdf files, the program returns an empty encrypted files. i have done some research on forums and some people reccommend using byte by byte encryption or split the file and recombine. please advise on how to code.
 
James Sabre
Ranch Hand
Posts: 781
Java Netbeans IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
One can RSA encrypt the whole file by breaking the file into sections shorter than the RSA modulus (-11 bytes if one uses PKCS1 padding) but this is very very very slow. The standard approach to RSA encryption of files of any length is to use a hybrid approach. One uses a symmetric encryption (AES, Blowfish , DES etc) to actually encrypt the data using a random 'session' key and one only uses RSA to encrypt the session key. The encrypted file then consists of the concatenation of the encrypted session key and the symmetric encrypted file content. To decrypt one just extracts the encrypted session key, RSA decrypts it then using the symmetric algorithm decrypts the file content using this session key.

There is a good description of the approach in section 13.6 of "Practical Cryptography" by Ferguson and Schneier. PGP uses this general approach but the detail differs from that described in section 13.6 .
 
Campbell Ritchie
Sheriff
Pie
Posts: 49774
69
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Welcome to the Ranch

I have added some new lines to your code because long lines are difficult to read. I shall move this discussion because it is too difficult for "beginning".
 
Christopher Chan
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
James Sabre wrote:One can RSA encrypt the whole file by breaking the file into sections shorter than the RSA modulus (-11 bytes if one uses PKCS1 padding) but this is very very very slow. The standard approach to RSA encryption of files of any length is to use a hybrid approach. One uses a symmetric encryption (AES, Blowfish , DES etc) to actually encrypt the data using a random 'session' key and one only uses RSA to encrypt the session key. The encrypted file then consists of the concatenation of the encrypted session key and the symmetric encrypted file content. To decrypt one just extracts the encrypted session key, RSA decrypts it then using the symmetric algorithm decrypts the file content using this session key.

There is a good description of the approach in section 13.6 of "Practical Cryptography" by Ferguson and Schneier. PGP uses this general approach but the detail differs from that described in section 13.6 .


i have considered that but my supervisor is adamant on having rsa by itself. mind advising on how to split and recombine? much thanks
 
Christopher Chan
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Campbell Ritchie wrote:Welcome to the Ranch

I have added some new lines to your code because long lines are difficult to read. I shall move this discussion because it is too difficult for "beginning".


much thanks
 
Campbell Ritchie
Sheriff
Pie
Posts: 49774
69
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You're welcome
 
Wouter Oet
Saloon Keeper
Posts: 2700
IntelliJ IDE Opera
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't know the answer to your problem but you do need to take another look at your code.
If cos.write() throws an exception then the stream will not be closed.
 
James Sabre
Ranch Hand
Posts: 781
Java Netbeans IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Christopher Chan wrote:
i have considered that but my supervisor is adamant on having rsa by itself. mind advising on how to split and recombine? much thanks


1) Create the encryption Cipher to be RSA with ECB and PKCS1 padding.
2) Create a buffer of length the RSA modulus size in bytes - 11.
3) Open the cleartext file with a FileInputStream.
4) Open the ciphertext file with FiileOutputStream
5) Loop reading the cleartext stream into the buffer. After each read use the Cipher.doFinal() method to encrypt the buffer - make sure you use the number of bytes actually read by the read(buffer) method. Write the output from the Cipher.doFinal() to the ciphertext stream.

To decrypt, reverse the process.

Points to note -
a) when decrypting one needs a buffer of the size (in bytes) of the RSA modulus.
b) an InputStream.read(byte array) does not guarantee to read the number of bytes requested and on decryption you MUST MUST MUST read a ciphertext block at a time; partial blocks will not decrypt properly. Use DataInputStream.readFully() to guarantee the length read.

When I do anything along these line I first make sure I can perform the read and write operation flawlessly without actually encrypting or decrypting the file.
 
Ove Lindström
Ranch Hand
Posts: 326
Android Firefox Browser Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Try: rsa encode big files java

You get a lot of good hits there.
 
Pat Farrell
Rancher
Posts: 4678
7
Linux Mac OS X VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Christopher Chan wrote:i have considered that but my supervisor is adamant on having rsa by itself. mind advising on how to split and recombine? much thanks


Your supervisor *must* be educated. S/He is wrong. Its an evil and broken requirement. The standard practice is to create a session key randomly. Encrypt and send the session key to the other end, and use DES/3DES/AES to encipher the long text.

RSA can ONLY work with the number of bits that the key is. It can not encipher nor decipher anything longer. You could break up the long file into lots and lots of small packets, and do each separately.

Have your boss hire an expert.

Bad crypto code is weak. It is easy to write bad crypto code.

It is possible that there is even a simple attack possible when you send lots of packages all enciphered with the same key, that a weakness that no one has found so far will show up.

Do not do what your boss asks if you want to be able to say that you did a good job at security. Period.
 
James Sabre
Ranch Hand
Posts: 781
Java Netbeans IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Pat Farrell wrote:
Christopher Chan wrote:i have considered that but my supervisor is adamant on having rsa by itself. mind advising on how to split and recombine? much thanks


Your supervisor *must* be educated. S/He is wrong. Its an evil and broken requirement. The standard practice is to create a session key randomly. Encrypt and send the session key to the other end, and use DES/3DES/AES to encipher the long text.


Since this was originally posted in the "Beginning Java" forum I initially assumed that it was a school/college/university assignment. But it seems unlikely that such a complex topic could be part of a Java 101 course so I changed my mind and my first response assumed that it had just been posted in the wrong forum and I suggested the hybrid approach. When the OP wrote "my supervisor is adamant on having rsa by itself" I went back to my first thought and assumed that by 'supervisor' the OP meant his school/college/university project supervisor.

If this is for a school/college/university assignment for somebody learning Java then it is a bad assignment. If it is for the OP's work then his supervisor is an idiot.

The comments in the code lead me to believe that the code posted is a distortion of something posted on the WWW but though I can find similar comments I can't find them associated with RSA.
 
Pat Farrell
Rancher
Posts: 4678
7
Linux Mac OS X VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
James Sabre wrote:If this is for a school/college/university assignment for somebody learning Java then it is a bad assignment. If it is for the OP's work then his supervisor is an idiot.

In an effort to keep the ranch here friendly, I"d say the supervisor is naive and uneducated about the complexity of proper cryptographic software.

Even if you use AES or some other proper symmertic block cipher, they all work on small blocks at a time, and it is terrible to use the same key for each one. That is why the block-chaining modes were invented and standardized. You never cipher multiple blocks with the exact same key.

 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic