RSA data length limits
The length of a RSA signature varies in direct proportion to the RSA key size, not the amount of data encrypted. The Perl script below demonstrates the length of signatures for several RSA key sizes. Also, larger keys allow more data to be encrypted with RSA, minus overhead for various encoding and security measures. Large amounts of data should be encrypted using a symmetric cipher, and the private key for this cipher encrypted via RSA.
#!/usr/bin/perl -wl use strict; use Crypt::OpenSSL::Random; use Crypt::OpenSSL::RSA; Crypt::OpenSSL::Random::random_status() or die "single and thine image dies with thee\n"; my $string = 'foo'; KEYSIZE: for my $ks (qw{512 1024 2048}) { my $pk = Crypt::OpenSSL::RSA->generate_key($ks); my $sig = $pk->sign($string); print $ks, ' -> ', length $sig; } __DATA__ 512 -> 64 1024 -> 128 2048 -> 256
Technorati Tags: coding, cryptography, Perl
The maximum amount of data encryptable with RSA varies with the RSA key size and encoding method used, as demonstrated by the following code:
#!/usr/bin/perl -wl use Crypt::OpenSSL::Random; use Crypt::OpenSSL::RSA; use MIME::Base64; Crypt::OpenSSL::Random::random_status() or die "as fast as they see others grow\n"; KEYSIZE: for my $ks (qw{512 1024 2048 3072 4096}) { my $pk = Crypt::OpenSSL::RSA->generate_key($ks); # NOTE try altering encoding method here! #$pk->use_pkcs1_padding(); $pk->use_pkcs1_oaep_padding(); # encrypt longer strings until failure for my $dl ( 1 .. 10000 ) { # lengths of resulting blob and blob # base64 encoded my $el = length $pk->encrypt("a"); my $bl = length encode_base64( $pk->encrypt("a") ); eval { $pk->encrypt( "a" x $dl ); }; if ($@) { # failed on current length, so # max one less $dl--; print join( ' ', "rsakey=$ks", "datalength=$dl", "encryptedlength=$el", "base64=$bl" ); next KEYSIZE; } } } __DATA__ rsakey=512 datalength=22 encryptedlength=64 base64=90 rsakey=1024 datalength=86 encryptedlength=128 base64=175 rsakey=2048 datalength=214 encryptedlength=256 base64=349 rsakey=3072 datalength=342 encryptedlength=384 base64=519 rsakey=4096 datalength=470 encryptedlength=512 base64=693
For more information, consult the Crypt::OpenSSL::RSA module documentation. Also consider the excellent Applied Cryptography or Practical Cryptography texts.