解密使用RSA java加密的“长”消息 [英] Decrypting “long” message encrypted with RSA java
问题描述
Java / JCE:解密使用RSA加密的长消息
我有一个大字节数组和rsa keypair,由值1024
使用rsa加密和密钥的指定大小是强要求,我不能更改它。所以我不能用对称加密对称加密对称密钥。我不能使用任何其他键。我有一个字节数组,需要加密字节数组才能被返回。我想知道是否有任何准备工具,可以管理这个问题?
对于这样的业余问题抱歉,但我真的需要帮助。
如上所述,你的问题有一个答案,那就是不。 RSA加密是一种将消息加密到给定大小的算法,取决于密钥大小;具有1024位RSA密钥,RSA作为标准描述它,最大大小为117字节,不再。没有办法用RSA单独加密一个更大的消息,这是一个确定的数学确定性。
如果你真的需要处理更长的消息,那么你必须添加其他东西。在这种情况下,请请,不要试图用你自己设计的一些令人惊奇的将数据分解成小块等的想法。那条道路导致了厄运。您可能会产生一些出现来编译和运行的东西,但是在某种程度上将会一直很弱,就像几乎所有其他自制的加密版本一样。这是因为安全性无法测试:不是作品或不起作用的情况。
非对称加密的良好路径因此如下: / p>
- 您可以选择一些适当长度的随机字节序列,例如128位(即16字节)。我们称之为 K 。
- 使用RSA公钥加密 K 您可以使用对称加密算法(
AES / C加密使用 K 的消息。 - 加密的消息是 E 和 F 。
< CBC / PKCS5Padding)。由于这是一键单击,所以可以使用全零四。这产生一堆字节,让我们称之为 F 。
解密以相反的顺序进行:RSA私钥用于恢复从 E ,然后使用 K 将 F 解密成原始消息。密钥 K 永远不会存储在任何地方,并且每次都会生成一个新的密钥K(即使您加密两次相同的邮件)。这很重要,不要改变,除非你明白你在做什么(如果你这样做,那么你已经知道了)。
鉴于你所说的你的问题,你有做别的事情,而不是只是RSA。上面描述的过程是关于你可以想到的最好的其他,安全的。
将一些加密元素组装成这样一个协议是一个进程充满了陷阱,所以您可以使用已经定义的格式和支持库更好运气。用于非对称加密的两种常见格式是 CMS 和 OpenPGP 。支持并具有良好声誉的图书馆是 Bouncy Castle 。
Hi this is the same question, that was asked two years ago: Java/JCE: Decrypting "long" message encrypted with RSA
I had a large byte array and rsa keypair, initiated by value 1024. Using rsa encryption and the specified size of the key is strong requirement, I can't change it. So I can't use symmetric encryption with asymetric encryption symmetric key. I can't use any other keys. I had a byte array and need ciphered byte array to be returned. I wonder if there is any ready tool, that can manage with this problem?
Sorry for such an amateurish question, but I really need a help.
As stated, your question has a single answer, and that's "no". RSA encryption is an algorithm which encrypts messages up to a given size, which depends on the key size; with a 1024-bit RSA key, and RSA as the standard describes it, the maximum size is 117 bytes, no more. There is no way to encrypt a larger message with RSA alone, and that's a definite, mathematical certainty.
If you really need to process longer messages, then you necessarily have to add something else. In that case, please, please, do not try to do anything fancy of your own devising with some oh-so-clever splitting of data into small blocks and the like. That path leads to doom. You might produce something which appears to compile and run, but which will be invariably weak in some way, like almost every other home-made variation on cryptography. That's because security cannot be tested: it is not a case of "works" or "does not work".
The well-trodden path of asymmetric encryption goes thus:
- You select a random sequence of bytes of some appropriate length, e.g. 128 bits (that's 16 bytes). Let's call it K.
- You encrypt K with the RSA public key; this yields E.
- You encrypt the message with K using a symmetric encryption algorithm (
"AES/CBC/PKCS5Padding"). Since this is a one-shot key, you can use an all-zeros IV. This yields a bunch of bytes, let's call it F. - The encrypted message is then the concatenation of E and F.
Decryption proceeds in the reverse order: the RSA private key is used to recover K from E, then K is used to decrypt F into the original message. The key K is never stored anywhere, and a new key K is generated every time (even if you encrypt the same message twice). That's important, do not change that unless you understand what you are doing (and if you do, then you already know that).
Given what you state about your problem, you have to do something else than "just RSA". The procedure I describe above is about the best "something else" that you could come up with, security-wise.
Assembling some cryptographic elements into such a protocol is a process fraught with pitfalls so you may have better luck using an already defined format and support library. Two common formats for asymmetric encryption are CMS and OpenPGP. A library which supports both and has good reputation is Bouncy Castle.
这篇关于解密使用RSA java加密的“长”消息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
