Nils Larsch wrote:
>
{ snip }
>
> I guess you know that a 120 bit modulus is not really secure :-)
>
I knew that was coming.
120 bits is good enough for this application.
> The typical error message in case of PKCS#1 error (in your case) would
> be "RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE".
I'm not clear on the difference between these. The modulus is n, the product of the primes p and q that are used for key generation, right? I was under the impression that modulus length == key size. Not so?
Would a good approach be perhaps to generate keys until I found one for which n is greater than the bignum representation of the largest plaintext? (Yeah, I know, this would restrict the key space, which might be a security concern.)
> > If I arrange for the plaintext to be a zero followed by 14
> octets of data,
> > can I make this work?
>
> it should work (, but what about a longer (== more secure) key ?)
>
For reasons that would be tedious to rehearse, the size of the encrypted block has to be not more than 15 octets.
I was hoping for something a little more definitive than "should work."
