[pycrypto] Public Key encryption of files
John Matthew
john at compunique.com
Thu Nov 10 12:25:19 CST 2011
Dean,
After getting info from you, and reading a few blogs that have done this,
it's becoming clearer, thank you for your feedback.
J
On Thu, Nov 10, 2011 at 10:18 AM, Dean Macinskas
<dmacinskas at geobridge.net>wrote:
> All blocks need to be 16 bytes. So for example, if the file is
> 2,000,005 bytes, you'd encrypt 125,000 16-byte blocks; you then have 5
> bytes left over, to which you'd add 11 padding bytes, which can be any
> binary value and then encrypt that last block.****
>
> ** **
>
> Some schemes add a header to the beginning of the file with the cleartext
> length, so the decrypter can easily discard the padding. Also, consider
> using CBC mode with a non-zero IV, which has some security advantages.****
>
> ** **
>
> *From:* pycrypto-bounces at lists.dlitz.net [mailto:
> pycrypto-bounces at lists.dlitz.net] *On Behalf Of *John Matthew
> *Sent:* Thursday, November 10, 2011 12:10 PM
> *To:* PyCrypto discussion list
> *Subject:* Re: [pycrypto] Public Key encryption of files****
>
> ** **
>
> Dean, thanks for the reply****
>
> ** **
>
> ** **
>
> Ah, I see. If I want to encrypt a 2mb file with a Symmetric Key, it just
> has to have a "16 byte padding" for AES, or do all the chunks need to be 16
> bytes?****
>
> ** **
>
> J****
>
> On Thu, Nov 10, 2011 at 5:17 AM, Dean Macinskas <dmacinskas at geobridge.net>
> wrote:****
>
> John,****
>
> ****
>
> Unless the file is small, the typical way to encrypt a file is to use a
> symmetric key, like TDES or AES. Asymmetric key crypto is usually too slow
> for bulk encryption; you use a symmetric key for that, and store/export the
> symmetric key using asymmetric key protection.****
>
> ****
>
> The block size of a public key is fixed by the length of the key; in other
> words, if you generate a 2048 bit key, the block size is 2048 bits (256
> bytes). Symmetric key block length is set by the algorithm: 8 bytes for
> TDES, 16 for AES. Any data you encrypt has to be padded to a multiple of
> the block length.****
>
> ****
>
> If you use RSA, there are a couple of rules for encrypting data, one of
> which is that the data has to be numerically less than the public modulus.
> This is usually accomplished by setting the left-most bit (MSB) of the data
> block to zero; another reason why using a public key directly is not a good
> choice for bulk encryption.****
>
> ****
>
> HTH,****
>
> Dean****
>
> ****
>
> *From:* pycrypto-bounces at lists.dlitz.net [mailto:
> pycrypto-bounces at lists.dlitz.net] *On Behalf Of *John Matthew
> *Sent:* Tuesday, November 08, 2011 11:59 AM
> *To:* pycrypto at lists.dlitz.net
> *Subject:* [pycrypto] Public Key encryption of files****
>
> ****
>
> First off, pycrypto is awesome! Thank you for creating it!****
>
> ****
>
> I'd like to use Public Keys to encrypt files, is this something that seems
> appropriate for file encryption?****
>
> ****
>
> I've noticed that the encrypt method for RSA keys is only 256 bytes, which
> seems rather small.****
>
> ****
>
> I know I could wrap that in a generator, but was hoping for some feedback
> on another way or a configuration change to increase that number.****
>
> ****
>
> Thanks for your contribution, and help.****
>
> ****
>
> J****
>
>
> _______________________________________________
> pycrypto mailing list
> pycrypto at lists.dlitz.net
> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto****
>
> ** **
>
> _______________________________________________
> pycrypto mailing list
> pycrypto at lists.dlitz.net
> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.dlitz.net/pipermail/pycrypto/attachments/20111110/b7a311fd/attachment-0001.htm
More information about the pycrypto
mailing list