[pycrypto] Public Key encryption of files
Dean Macinskas
dmacinskas at geobridge.net
Thu Nov 10 07:17:43 CST 2011
John,
Unless the file is small, the typical way to encrypt a file is to use a symmetric key, like TDES or AES. Asymmetric key crypto is usually too slow for bulk encryption; you use a symmetric key for that, and store/export the symmetric key using asymmetric key protection.
The block size of a public key is fixed by the length of the key; in other words, if you generate a 2048 bit key, the block size is 2048 bits (256 bytes). Symmetric key block length is set by the algorithm: 8 bytes for TDES, 16 for AES. Any data you encrypt has to be padded to a multiple of the block length.
If you use RSA, there are a couple of rules for encrypting data, one of which is that the data has to be numerically less than the public modulus. This is usually accomplished by setting the left-most bit (MSB) of the data block to zero; another reason why using a public key directly is not a good choice for bulk encryption.
HTH,
Dean
From: pycrypto-bounces at lists.dlitz.net [mailto:pycrypto-bounces at lists.dlitz.net] On Behalf Of John Matthew
Sent: Tuesday, November 08, 2011 11:59 AM
To: pycrypto at lists.dlitz.net
Subject: [pycrypto] Public Key encryption of files
First off, pycrypto is awesome! Thank you for creating it!
I'd like to use Public Keys to encrypt files, is this something that seems appropriate for file encryption?
I've noticed that the encrypt method for RSA keys is only 256 bytes, which seems rather small.
I know I could wrap that in a generator, but was hoping for some feedback on another way or a configuration change to increase that number.
Thanks for your contribution, and help.
J
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.dlitz.net/pipermail/pycrypto/attachments/20111110/7641abf0/attachment.htm
More information about the pycrypto
mailing list