openssh rsa encrypt problem - SSH

This is a discussion on openssh rsa encrypt problem - SSH ; On Linux FC4, I am trying to use openssl to encrypt messages. Here is my script: #!/bin/bash openssl rsautl -in $1.txt -out $1.crp \ -inkey public_key -pubin -encrypt It works for small input files, but for an input file of ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: openssh rsa encrypt problem

  1. openssh rsa encrypt problem

    On Linux FC4, I am trying to use openssl to encrypt messages.
    Here is my script:

    #!/bin/bash
    openssl rsautl -in $1.txt -out $1.crp \
    -inkey public_key -pubin -encrypt

    It works for small input files, but for an input
    file of length 286 bytes I get:

    RSA operation error
    27358:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too
    large for key size:rsa_pk1.c:151:

    Is there something I can do about this? I would hope it
    is possible to encrypt large messages.

    If there is a better place to ask this, please let me know.

    Thanks for your help.
    Mike.



  2. Re: openssh rsa encrypt problem

    >>>>> "Mike" == Mike <- EMAIL IGNORED > writes:

    Mike> On Linux FC4, I am trying to use openssl to encrypt messages.
    Mike> Here is my script:

    Mike> #!/bin/bash openssl rsautl -in $1.txt -out $1.crp \ -inkey
    Mike> public_key -pubin -encrypt

    Mike> It works for small input files, but for an input file of length
    Mike> 286 bytes I get:

    Mike> RSA operation error 27358:error:0406D06E:rsa
    Mike> routines:RSA_padding_add_PKCS1_type_2:data too large for key
    Mike> size:rsa_pk1.c:151:

    Mike> Is there something I can do about this? I would hope it is
    Mike> possible to encrypt large messages.

    You never encrypt large amounts of data directly with RSA (or other
    public-key algorithms) -- they are far too slow. You encrypt bulk data
    with a symmetric cipher, then encrypt the symmetric key with RSA.

    --
    Richard Silverman
    res@qoxp.net


  3. Re: openssh rsa encrypt problem

    On Mon, 17 Apr 2006 19:36:45 -0400, Richard E. Silverman wrote:

    [...]
    > You never encrypt large amounts of data directly with RSA (or other
    > public-key algorithms) -- they are far too slow. You encrypt bulk data
    > with a symmetric cipher, then encrypt the symmetric key with RSA.


    Thanks for this .. I am learning. What, then, is the most
    secure symmetric algorithm available for this purpose?

    Thanks,
    Mike.


  4. Re: openssh rsa encrypt problem

    >>>>> "Mike" == Mike <- EMAIL IGNORED > writes:

    Mike> On Mon, 17 Apr 2006 19:36:45 -0400, Richard E. Silverman wrote:
    Mike> [...]
    >> You never encrypt large amounts of data directly with RSA (or other
    >> public-key algorithms) -- they are far too slow. You encrypt bulk
    >> data with a symmetric cipher, then encrypt the symmetric key with
    >> RSA.


    Mike> Thanks for this .. I am learning. What, then, is the most
    Mike> secure symmetric algorithm available for this purpose?

    At your level, there's no need to worry much about exactly which cipher;
    there are many very good ones available and if you choose one, attacking
    the actual cipher is the last thing any attacker will do. Examples of
    good modern ciphers are AES and Blowfish.

    --
    Richard Silverman
    res@qoxp.net


+ Reply to Thread