Reputation: 3999
In my research I have found mixed messages on this subject so I'm looking for expertise to explain the best approach to encrypting variable amounts of data.
Requirements:
[Edit: Adding additional requirement #3 in response to comment]
1. I would like to use RSA for the public/private key encryption scheme so I can distribute the public key to an application that should encrypt data but should not know how to decrypt it.
2. I need to support data lengths from 16 characters (credit card number) to kilobytes (serialized objects) and beyond. Most of the data I encrypt will be small (credit cards, addresses, etc).
3. This is for encrypting data at rest.
Options I'm Aware Of:
RSA-ONLY: Use RSACryptoServiceProvider to encrypt all data using public key. Iterate through the data in blocks that are less than the key size minus padding.
HYBRID: Use AesCryptoServiceProvider to encrypt the data, calling .GenerateKey() and .GenerateIV() to generate a random key and IV. Then use RSACryptoServiceProvider to encrypt the above key and IV and prepend or append that to the data.
It seems to me the Hybrid approach gives me the best of both worlds. Strong block cipher (AES) and distributed public key (RSA).
What are the pros and cons of these approaches? What is the standard? Surprisingly I have not found much opinion or information on the subject and would appreciate any references you might have.
Bonus: I am rolling my own for various reasons including corporate licensing restrictions but I'm curious if there is a good standard open-source approach for C#.
Upvotes: 2
Views: 888
Reputation: 10257
in most cases RSA is used to encrypt a symmetric key (you don't really need to encrypt the IV, but hey...)
if you use RSA for encryption of data (instead of a key) you might run into the ECB (Electronic Code Book mode) problem that is known in the context of symmetric block ciphers: for a given key, a clear-text is always mapped to the same cipher-text ... that alone doesn't help in breaking the encryption, but it can leak information since an attacker can identify which data packages contain the same clear-texts
i'd choose the hybrid approach, because it's suitable for arbitrary sized data, and won't be prone to this information leak unless you choose ECB for the mode of operation (CBC - Cipher Block Chaining mode - should do)
Upvotes: 2
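The hybrid scheme discussed above, as an added example that is not code from either poster: a fresh AES-CBC key and IV per message, with only the key wrapped under RSA-OAEP and the IV stored in the clear. It assumes .NET Core 3.0 or later (C# 8) and uses `RSA.Create()` / `Aes.Create()` rather than the `*CryptoServiceProvider` classes named in the question; the class name `HybridDemo`, the blob layout and the sample card number are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class HybridDemo
{
    // Blob layout (constructed for this example):
    // [2-byte wrapped-key length][RSA-OAEP wrapped AES key][16-byte IV][AES-CBC ciphertext]
    public static byte[] Encrypt(RSA publicKey, byte[] plaintext)
    {
        using Aes aes = Aes.Create();   // fresh random 256-bit key and IV for every message
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.PKCS7;
        // Only the AES key is wrapped; the IV is not secret and is stored in the clear.
        byte[] wrapped = publicKey.Encrypt(aes.Key, RSAEncryptionPadding.OaepSHA256);
        using ICryptoTransform enc = aes.CreateEncryptor();
        byte[] ct = enc.TransformFinalBlock(plaintext, 0, plaintext.Length);
        byte[] len = { (byte)(wrapped.Length >> 8), (byte)wrapped.Length };
        return len.Concat(wrapped).Concat(aes.IV).Concat(ct).ToArray();
    }

    public static byte[] Decrypt(RSA privateKey, byte[] blob)
    {
        int keyLen = (blob[0] << 8) | blob[1], ivOff = 2 + keyLen, ctOff = ivOff + 16;
        using Aes aes = Aes.Create();
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.PKCS7;
        aes.Key = privateKey.Decrypt(blob[2..ivOff], RSAEncryptionPadding.OaepSHA256);
        aes.IV = blob[ivOff..ctOff];
        using ICryptoTransform dec = aes.CreateDecryptor();
        return dec.TransformFinalBlock(blob, ctOff, blob.Length - ctOff);
    }

    static void Main()
    {
        using RSA priv = RSA.Create(2048);
        using RSA pub = RSA.Create();
        pub.ImportParameters(priv.ExportParameters(false)); // encrypting side holds the public half only
        byte[] card = Encoding.UTF8.GetBytes("4111111111111111"); // constructed sample value
        byte[] a = Encrypt(pub, card), b = Encrypt(pub, card);
        // Two encryptions of the same plaintext, compared byte for byte.
        Console.WriteLine("identical blobs: " + a.SequenceEqual(b));
        Console.WriteLine(Encoding.UTF8.GetString(Decrypt(priv, a)));
    }
}
```

CBC on its own does not detect modification of the stored blob; where tampering with data at rest is a concern, add a MAC over the whole blob (encrypt-then-MAC) or use an authenticated mode.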