Pages: [1]

Author Topic: [RSA Encryption] Info I found useful  (Read 2450 times)

0 Members and 2 Guests are viewing this topic.

xor

  • Guest
[RSA Encryption] Info I found useful
« on: August 22, 2011, 04:04:08 pm »
So I'm trying to implement cryptography into a couple of my projects for secure communications etc and recently came across this bit of information that I didn't know about RSA.


Quote
The RSA algorithm imposes size restrictions on the object being encrypted.
RSA encryption uses the PKCS#1 standard with PKCS#1 block type 2 padding.
The PKCS RSA encryption padding scheme needs 11 spare bytes to work.


So if you generate an RSA key pair with a key size of 512 bits, you cannot use
the keys to encrypt more than 53 bytes (53 = 64 - 11).


This is important when considering secure communication because it means you can't use RSA encryption for large messages. Well... you can, but RSA key generation is relatively slow in comparison, so the bigger the message you're sending the slower it will get to do it.


A recommendation is to use DSA instead.


If anyone else knows anything useful about encryption and secure communication, please feel free to post it here or fill me in, because I found this intriguing.


-- xor
Report to moderator   Logged

Offline NC009

  • Serf
  • *
  • Posts: 20
  • Cookies: 0
    • View Profile
Re: [RSA Encryption] Info I found useful
« Reply #1 on: August 24, 2011, 09:27:38 pm »
Projects?  ;) well if you need something for email try GnuPG...although it uses RSA  ::)

http://www.gnupg.org


...dont know if your "projects" consist of something else...but if so, it would probably be best to implement your own hybrid...this is why the TDL4 Alureon Rootkit has been so successful...communication between command and control servers and the makers/users is encrypted with some hybrid cipher...



Report to moderator   Logged

Offline gh0st

  • Sir
  • ***
  • Posts: 575
  • Cookies: 8
  • #DEDSec
    • View Profile
Re: [RSA Encryption] Info I found useful
« Reply #2 on: August 29, 2011, 07:39:04 am »
Ive an idea of plain text encryptation but when we talk about a file for example a trojan thats gonna be ecrypted there instead we work with the raw bites right? or is there any library to encrypt programs? I guess no cause it would be easy :P
Report to moderator   Logged

xor

  • Guest
Re: [RSA Encryption] Info I found useful
« Reply #3 on: August 29, 2011, 02:30:30 pm »
There are plenty of libraries out there to make it easier, for sure. There are different types of encryption though depending on what you're trying to achieve.

AES for example has several "modes" of encryption which are used for different things. Some are better suited to stream based encryption, like streaming video, voip, chat sessions etc, while others are more suited to static, binary encryption, like in a database.

How is the plain text going to be stored? If it's in a file, it can likely be encrypted the same way a trojan would.
Report to moderator   Logged

Offline 514z4ng3r

  • /dev/null
  • *
  • Posts: 5
  • Cookies: 0
    • View Profile
Re: [RSA Encryption] Info I found useful
« Reply #4 on: August 29, 2011, 07:03:16 pm »
Try using DES CBC, although if you want faster encryption use AES, all other public key cryptography will take long time.
Report to moderator   Logged

xor

  • Guest
Re: [RSA Encryption] Info I found useful
« Reply #5 on: August 30, 2011, 01:41:45 pm »
DES is old, I assume you mean 3DES or DSA?

A company I came across today was using ECB (Electronic Cook-Book) with a 256bit keysize and PBE (Password Based Auth), which was quite interesting as it was for an online backup solution.

Everywhere I have read said that while ECB is fast, it's probably not the best recommended for file encryption.
« Last Edit: August 30, 2011, 01:42:19 pm by xor »
Report to moderator   Logged
Pages: [1]