Discussion:
How to encrypt a large file by a public key?
Amir (sent by Nabble.com)
2005-12-12 02:49:55 UTC
Hi all,

How can I encrypt a large file (like 100mb) with a public key so that no one other than whoever has the private key is able to decrypt it?

I can make RSA public and private keys but when it comes to encrypting a large file using this command:

openssl rsautl -encrypt -pubin -inkey public.pem -in myLargeFile.txt -out myLargeFile_encrypted.txt

I get this error:

RSA operation error
3020:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too large for key size:.\crypto\rsa\rsa_pk1.c:151:

I tried to make keys with sizes from 40 to 4096 bits, no luck, same error

Thanks in advance

Amir


--
Sent from the OpenSSL - User forum at Nabble.com:
http://www.nabble.com/How-to-encrypt-a-large-file-by-a-public-key--t724858.html#a1900225
Richard Salz
2005-12-12 03:11:34 UTC
Post by Amir (sent by Nabble.com)
How can I encrypt a large file (like 100mb) with a public key so
that no one other than who has the private key be able to decrypt it?
Encrypt it using a strong symmetric key (such as AES) and use RSA to
encrypt *that* key.

This is the way "everyone" does it.

/r$
--
SOA Appliance Group
IBM Application Integration Middleware


______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
JCA
2005-12-12 15:12:36 UTC
With RSA, the data to be encrypted is first mapped on to an integer. For
RSA to work, this integer must be smaller than the RSA modulus used. In
order to get things to work the way you want, if you are using a (say)
1,024-bit RSA modulus, you must split your input data in chunks 1,024 bits
long, at most. Actually, if using padding, which you should, they've got
to be even smaller - e.g. 11 bytes smaller for PKCS #1 v1.5 padding. You
then would have to encrypt each chunk sequentially, using a mode like ECB or
CBC.

Having said all that, you should not proceed that way. RSA
encryption/decryption is tremendously slow and CPU intensive. You'd be far
better off encrypting your big input file with some symmetric algorithm (e.g.
AES) and then encrypting with the RSA key (private or public, depending on
your needs) the key used with this algorithm.
Amir (sent by Nabble.com)
2005-12-15 01:47:37 UTC
Thank you for your reply,

I do not understand the last paragraph very well. I know how to encrypt a file using a symmetric algorithm. But I don't know what you mean by "then encrypting with the RSA key".

Encrypting by a symmetric algorithm will give me a file with the same size.

All I want to do is to give a public key to someone to encrypt large files and send it to me.

Amir
Lloyd Brown
2005-12-15 03:53:05 UTC
I could be wrong, but I believe what is being said is this:

- It is difficult to encrypt a large file with an asymmetric algorithm
like RSA
- It is easy to encrypt a large file with a symmetric algorithm like AES,
but both sides must have the same key, and that key exchange is difficult
- The solution is to use AES to encrypt the file, and use RSA to encrypt
the AES key.

Essentially, use the asymmetric RSA encryption to protect and exchange the
AES key, and use AES to do the actual file encryption. You could even
generate a new AES key each time you do this.

Now, that being said, I don't really know how to do that easily using
OpenSSL. Someone else will have to speak to that.

Lloyd Brown
JCA
2005-12-15 04:45:16 UTC
OK, this is what you want to do:

Imagine that you want your friend to send you an arbitrarily large file F
encrypted. We assume that your friend has your public key PubK. He proceeds
as follows:

1) Randomly generate a key K to be used with some symmetric algorithm,
e.g. AES.
2) Encrypt F with AES (not RSA) and key K.
3) Encrypt K with RSA, using key PubK.
4) Send the encrypted F and K to you.

You would proceed as follows:

1) Decrypt the encrypted K with RSA, using your private key PrK.
2) Decrypt the encrypted F with AES, using the K just decrypted.

Your friend could potentially use RSA to encrypt the whole F. This, however,
would be terribly inefficient: not only would he have to do the encryption
in chunks, as described in my previous note, but, in addition, RSA is
hundreds of times slower than AES. On your side, things would be even worse,
for the RSA private key operation is an order of magnitude slower than its
public key counterpart.
j***@public.gmane.org
2005-12-20 15:48:57 UTC
Just curious:

Putting speed aside, what is the security risk by encrypting
a "large file" chunk by chunk using RSA public key? (e.g.
using chain mode like what is done in symmetric block cipher)
Victor Duchovni
2005-12-20 16:12:53 UTC
Post by j***@public.gmane.org
Putting speed aside, what is the security risk by encrypting
a "large file" chunk by chunk using RSA public key? (e.g.
using chain mode like what is done in symmetric block cipher)
RSA is not intended for this. Various known/chosen plaintext/ciphertext
issues are likely to compromise your keys. Do not do this. Only
encrypt/decrypt/sign/verify appropriately structured session keys/message
digests.
--
Viktor.