要编码的 RSA 最大块大小是多少? [英] What is the RSA max block size to encode?
问题描述
我可以在一个周期内加密的 RSA 最大块大小是多少?
What RSA max block size which I can encrypt in one cycle?
密钥大小为 4096 位的 RSA 算法的最大速度是多少?
And what is the maximum speed of the RSA algorithm with a 4096 bit key size?
推荐答案
根据 本网站上提供的 Lenstra 更新的方程式,4096 位 RSA 密钥的安全级别由至少 248 位长的加密哈希匹配,例如 SHA-256.
According to Lenstra's updated equations available on this site, the security level of a 4096 bit RSA key is matched by a cryptographic hash which is at least 248 bits long, for instance SHA-256.
如果您使用 RSA OAEP(并且您应该使用),那么您最多可以加密的数据量是 modulus size - 2 - 2*hash size,即 446 字节.
If you use RSA OAEP (and you should), the amount of data you can encrypt at most is therefore modulus size - 2 - 2*hash size, which is 446 bytes.
使用 RSA PKCS#1 v1.5,您最多可以加密 modulus size - 11 字节,但 RSA PKCS#1 v1.5 提供的安全性较低(它无法证明是安全的,并且最小随机填充字节数应扩展到至少 16 个字节).
With RSA PKCS#1 v1.5 you can encrypt at most modulus size - 11 bytes, but RSA PKCS#1 v1.5 provides less security (it is not provably secure, and the minimum number of random padding bytes should be extended to at least 16 bytes).
如果您需要加密更多数据,则不应简单地将其切碎并在每个块上多次使用 RSA.这是一个安全漏洞.您必须采取不同的方法,更准确地说:
If you need to encrypt more data you should not simply chop it up and use RSA multiple times on each block. That is a security flaw. You must take a different approach, more precisely:
- 选择一个随机的 128 位对称密钥.
- 使用经过身份验证的操作模式来加密您的数据(例如 AES-128 GCM).
- 使用 RSA OAEP 加密对称密钥.
RSA 加密(与解密不同)非常快,但时间实际上取决于库和您使用的平台.如需参考,请参阅 cryptopp 库的网站.
RSA encryption (unlike decryption) is pretty speedy, but the time is really dependent on the library and on the platform you use. For some reference, see cryptopp library's website.
这篇关于要编码的 RSA 最大块大小是多少?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
