How to encrypt large file with RSA?
Asked Answered
K

2

9

Code https://play.golang.org/p/CUEqjsJq5c

Error:

panic: crypto/rsa: message too long for RSA public key size

goroutine 1 [running]:
panic(0x4a6d80, 0xc420010420)
    /usr/local/go/src/runtime/panic.go:500 +0x1a1
main.main()
    /tmp/sample.go:28 +0xfa

File size 811 byte (for test encrypt self source file). I want encrypt some bigger files, 1..500 mb. Can I do it with RSA or need use some other methods?

Kokanee answered 25/10, 2016 at 15:24 Comment(3)
RSA is not suitable for encrypting large files. Google it. General practice is to generate an AES key which is small and you can encode the AES key with the RSA key, and you proceed with encrypting the large file with the AES key (symmetric encryption).Stricklan
In addition to @icza's comment, the golang rsa package has a note on this: golang.org/src/crypto/rsa/rsa.go#L335Coati
But it is not necessary to RSA encrypt the symmetric key unless a public/private key pair are required. What is the iuse case for a public/private key pairBortz
B
19

RSA can only encrypt data smaller than (or equal to) the key length.

The answer is to encrypt the data with a symmetric algorithm such as AES which is designed to encrypt small and large data.

If an RSA public/private key pair are required encrypt the symmetric (AES) key with RSA. This is referred to as hybrid encryption and in essence is how HTTPS encrypts data.

But it is may not necessary to RSA encrypt the symmetric key unless a public/private key pair are required. In the general case one just uses symmetric (AES) and that key. What is the use case for a public/private key pair?

Bortz answered 25/10, 2016 at 15:51 Comment(0)
W
18

If you don't want to chunk the file, an approach is Hybrid Encryption:

  1. Creating a random symmetric key R on the air,
  2. Encrypting the large file with the symmetric key R to create EF=Sym(F, R),
  3. Encrypting the symmetric key R with an asymmetric RSA public key to create ER=ASym(PublicKey, R),
  4. Sending the encrypted file EF alongside ER.

Encryption:

+---------------------+      +--------------------+
|                     |      |                    |
| generate random key |      |   the large file   |
|        (R)          |      |        (F)         |
|                     |      |                    |
+--------+--------+---+      +----------+---------+
         |        |                     |
         |        +------------------+  |
         |                           |  |
         v                           v  v
+--------+------------+     +--------+--+------------+
|                     |     |                        |
| encrypt (R) with    |     | encrypt (F)            |
| your RSA public key |     | with symmetric key (R) |
|                     |     |                        |
|  ASym(PublicKey, R) |     |     EF = Sym(F, R)     |
|                     |     |                        |
+----------+----------+     +------------+-----------+
           |                             |
           +------------+ +--------------+
                        | |
                        v v
         +--------------+-+---------------+
         |                                |
         |   send this files to the peer  |
         |                                |
         |     ASym(PublicKey, R) + EF    |
         |                                |
         +--------------------------------+

Decryption:

   +----------------+        +--------------------+
   |                |        |                    |
   | EF = Sym(F, R) |        | ASym(PublicKey, R) |
   |                |        |                    |
   +-----+----------+        +---------+----------+
         |                             |
         |                             |
         |                             v
         |   +-------------------------+-----------------+
         |   |                                           |
         |   |             restore key (R)               |
         |   |                                           |
         |   | R <= ASym(PrivateKey, ASym(PublicKey, R)) |
         |   |                                           |
         |   +---------------------+---------------------+
         |                         |
         v                         v
     +---+-------------------------+---+
     |                                 |
     |       restore the file (F)      |
     |                                 |
     |      F <= Sym(Sym(F, R), R)     |
     |                                 |
     +---------------------------------+
Wyatan answered 23/2, 2020 at 12:49 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.