RSA 中的消息长度限制 [英] Message length restriction in RSA

问题描述

在 RSA 中，消息长度不应超过 (keysize/8) 字节.为什么会有这样的限制?输入(例如abcde")在将其输入 RSA 算法之前转换成什么，它在何处考虑了输入字符串abcde"的大小?

In RSA the message length should not exceed the (keysize/8) bytes. Why is there such a restriction? What is the input(say "abcde") converted into before feeding it into the RSA algorithm and where doest it take into account the size of the the input string "abcde"?

推荐答案

RSA 算法本质上是:

The RSA algorithm is essentially:

Ciphertext = (Plaintext e) mod n

并解密:

Plaintext = (Ciphertext d) mod n

e 和 n 一起组成你的公钥，d 和 n 组成你的私钥.e 通常是一些常见值之一，例如65537, n 是两个大素数 p 和 q 的乘积，它们应该是你唯一的，并定义了密钥长度(例如 1024位).用于解密密文的d的值是使用e、p和q计算出来的.如果您有兴趣，维基百科有更多详细信息:http://en.wikipedia.org/wiki/RSA_(算法).在 RSA 算法中使用时，您的明文基本上被视为一个大整数.

e and n together make up your public key, and d and n make up your private key. e is usually one of a few common values, e.g. 65537, n is the product of two large prime numbers p and q which should be unique to you, and defines the key length (e.g. 1024 bits). The value of d used to decrypt the ciphertext is calculated using e, p and q. Wikipedia has more detail if you're interested: http://en.wikipedia.org/wiki/RSA_(algorithm). Your plaintext is basically treated as a large integer when used in the RSA algorithm.

如果你不熟悉模运算符，它基本上是左边除以右边的余数.例如.17 mod 5 = 2 因为 5 将 17 整除三倍 (3 * 5 = 15)，余数为:17 - 15 = 2).

In case you're not familiar with the modulo operator, it is basically the remainder when the left side is divided by the right side. E.g. 17 mod 5 = 2 as 5 exactly divides 17 three times (3 * 5 = 15), leaving a remainder of: 17 - 15 = 2).

作为模运算符定义的结果，a mod b 的结果总是小于b.鉴于此，并且解密值是执行 mod n 操作的结果这一事实意味着解密时，生成的明文值将始终小于 n.因此，要使其成为您最初加密的实际明文，输入必须小于 n.

As a result of the definition of the modulo operator, the result of a mod b is always less than b. Given this, and the fact that the decrypted value is the result of performing a mod n operation means that when decrypted, the resulting plaintext value will always be less than n. Hence, for this to be the actual plaintext you originally encrypted, the input must be less than n.

为了保证这一点，消息被限制为比 n 具有更少的位(数字").由于 n 中的位数是密钥大小，它必须少于 keysize bits，或 keysize/8 个字节(因为有在一个字节中是 8 位).

To guarantee this, the message is restricted to having fewer bits ("digits") than n. Since the number of bits in n is the key size, it must must have fewer than keysize bits, or keysize / 8 bytes (since there are 8 bits in a byte).

这篇关于RSA 中的消息长度限制的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！