如何计算RSA密文的大小使用密钥大小&明文长度? [英] How calculate size of RSA cipher text using key size & clear text length?
问题描述
我有一些明确的文本,我想使用RSA_PKCS_V21(使用PolarSSL库)加密。问题是,我需要知道密文的大小执行算法之前(为动态内存分配目的)。
我知道RSA密钥大小&清除文字长度。
我也想知道输入文字长度的限制。
任何想法?
I've some clear text which I want to encrypt using RSA_PKCS_V21 (using PolarSSL library). The problem is that I need to know size of cipher text before executing the algorithm (for dynamic memory allocation purpose).
I know RSA key size & clear text length.
I also want to know the limitation on input clear text length.
Any idea?
推荐答案
只需检查 RSA PKCS#1 v2.1 standard,chapter 7.2 :
RSAES-PKCS1-V1_5-ENCRYPT((n,e),M)
RSAES-PKCS1-V1_5-ENCRYPT ((n, e), M)
输入:
- (n,e)收件人的RSA公钥在模数n的
中) - 要加密的消息,长度为mLen的八位字节串,
其中 mLen <= k - 11
- (n, e) recipient's RSA public key (k denotes the length in octets of the modulus n)
- M message to be encrypted, an octet string of length mLen, where mLen <= k - 11
因此输入取决于键大小。 k
是键大小,但是以字节为单位。因此,对于1024位密钥,您的最大纯文本大小为1024/8 - 11 = 117个字节。
So the input depends on the key size. k
is that key size but in octets. So for a 1024 bit key you have 1024 / 8 - 11 = 117 bytes as maximum plain text.
是具有PKCS#1 v1.5填充的RSA的最大大小。对于较新的OAEP填充,可以在第7.1章中找到以下内容:
Note that above is the maximum size for RSA with PKCS#1 v1.5 padding. For the newer OAEP padding the following can be found in chapter 7.1:
RSAES-OAEP-ENCRYPT((n,e),M,L)
RSAES-OAEP-ENCRYPT ((n, e), M, L)
...
输入:
- 要加密的消息,长度为mLen的八位字节串,
其中 mLen <= k-2hLen-2 - L与邮件相关联的可选标签;
默认值为L,如果没有提供L,则为空
string
)
其中hLen是用于掩码生成函数的散列函数的输出大小。如果使用默认的SHA-1散列函数,则消息的最大大小为k-42(因为SHA-1的输出大小为20字节,2 * 20 + 2 = 42)。
Where hLen is the output size of the hash function used for the mask generation function. If the default SHA-1 hash function is used then the maximum size of the message is k - 42 (as the output size of SHA-1 is 20 bytes, and 2 * 20 + 2 = 42).
通常,随机生成的密钥是加密的,而不是消息。然后使用该密钥加密消息。这允许几乎无限长的消息,并且对称加密(例如CBC模式中的AES)比非对称加密快得多。此组合称为混合加密。
Normally a randomly generated secret key is encrypted instead of the message. Then the message is encrypted with that secret key. This allows almost infinitely long messages, and symmetric crypto - such as AES in CBC mode - is much faster than asymmetric crypto. This combination is called hybrid encryption.
这篇关于如何计算RSA密文的大小使用密钥大小&明文长度?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!