1 Reply
      Latest reply: Nov 28, 2016 2:23 AM by eskimo RSS
      FabioB Level 1 Level 1 (0 points)

        Hi

        I'm trying to encrypt and decrypt a message bigger than the key size.

        I 'm generate Key Pair with size in bits: 2048, but I can't encrypt message  bigger than the key dimension

        someone know why i can't do this?

        Thanks

        • Re: RSA encryption/decryption
          eskimo Apple Staff Apple Staff (7,190 points)

          I'm trying to encrypt and decrypt a message bigger than the key size.

          This is simply not possible using RSA.  Most RSA crypto systems use a symmetric cypher (like AES) to encrypt the data with a cryptographically secure random key, and then encrypt that key using RSA.

          WARNING The fact that you’re asking this question indicates that:

          • Your not a crypto expert, and

          • You’re designing your own crypto system

          That’s a really bad combination.  It’s very easy for inexperienced developers to create crypto systems that look right but contain vulnerabilities that are obvious to crypto experts (and hence to any attackers).  For example, when combining RSA and AES as I’ve suggested above, you need to make sure you use authenticating encryption (either by using a fancy AES mode or by combining AES with a MAC) to avoid some gnarly exploits.  I strongly recommend you either:

          • Implement a standard crypto system that’s generally considered secure (like CMS)

          • Or, if you must design a new crypto system from scratch, hire a crypto expert to review its security

          On a personal note, while I dabble in crypto, and know some of these issues, I’m not a crypto expert and I would not attempt to design my own crypto system from scratch.

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"