<< Game over, the above demonstrates sufficiently deep confusion about RSA,
<< that you must not proceed any further until you see why it is absurd.

I do understand the rules for RSA encryption; I was merely testing a reverse method for educational purposes. I stated "I want to decrypt with the public key." Because that is something I wanted to do. However if openssl won't let me specify an appropriate key size for the public key then I can't do that? It complains of size constraints. This was not going to be implemented, merely education and testing. Sorry if I seemed confused. I wasn't. If openssl is incapable of doing this, that is fine by me. Just curious about the error message I am getting on return.

> 3500:error:0406506C:rsa routines:RSA_EAY_PRIVATE_DECRYPT:data greater
> than modlen:rsa_eay.c:308

And if there is a way to make the public key size larger? Or what!

Victor C.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni
Sent: Friday, December 09, 2005 12:55 AM
To: openssl-users@openssl.org
Subject: Re: Specifiy Public Key Size?

On Fri, Dec 09, 2005 at 07:25:12AM +0100, [EMAIL PROTECTED] wrote:

> >RSA Public and private keys are not used to encrypt arbitrary data, there
> >are many complex traps to avoid because RSA is a commutative group. You
> >use RSA private keys to sign carefully constructed message digests that
> >avoid the various chosen plain-text attacks on RSA. You use RSA public
> >keys to encrypt randomly generated session keys that in turn encrypt
> >the message contents. All this specified in carefully designed PKCS#N
> >standards that describe correct standard use-cases of RSA cryptography.
> >
> >The public key is not suitable for decryption, it is only suitable for
> >signature verification. Decryption is only possible with the private
> >key and only if chosen-plaintext/chosen-ciphertext attacks are carefully
> >avoided.
>
> Hummm.... Victor ?
>
> You can cipher and decipher what you want as well as with a RSA public
> and private keys ;-)
>
> If you cipher with the public key you have to use the private associate
> key of course and vice versa.
>

Yes the bit patterns of the two keys are mathematical inverses, but that is not significant. Decryption (rather than signature verification) with a *public* key makes no sense. Also RSA is never used as a bulk cipher, the chosen-plaintext and chosen-ciphertext attacks are not mere theoretical musings.

Yes, the bignum value of the public key can be recast as a private key whose public key has the bits of the original private key. Mathematically these may be the same, but they are rather different as typed data structures, one is a public key and the other is a private key. You use public keys to encrypt and verify and private keys to decrypt and sign. In all cases appropriate care is required to avoid falling prey to chosen-<mumble>text attacks.

--
Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
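
An added example, not part of the thread and not OpenSSL's code: a toy textbook-RSA model showing why a block longer than the modulus is rejected with "data greater than modlen", and that signing with the private half and recovering with the public half is the supported form of "decrypting with the public key". The key, the helper names, the second error string and the sample blocks are constructed assumptions; there is no padding, so the model is for illustration only.

```python
# Toy model (added example): constructed 92-bit key, no padding.
P, Q = 2**31 - 1, 2**61 - 1          # constructed primes (both Mersenne primes)
N, E = P * Q, 65537                  # one modulus N, shared by both key halves
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)
MODLEN = (N.bit_length() + 7) // 8   # modulus length in bytes (12 here)


class RSAInputError(ValueError):
    """Raised when a block cannot be handed to the modular exponentiation."""


def _raw_op(blob: bytes, exponent: int) -> bytes:
    """One modular exponentiation over a single block of at most MODLEN bytes."""
    if len(blob) > MODLEN:
        # Same condition the error text quoted in the thread names.
        raise RSAInputError("data greater than modlen")
    m = int.from_bytes(blob, "big")
    if m >= N:
        # Hypothetical wording for the "right length, value too big" case.
        raise RSAInputError("data too large for modulus")
    return pow(m, exponent, N).to_bytes(MODLEN, "big")


def private_op(blob: bytes) -> bytes:
    """Private-key operation: decrypt or sign."""
    return _raw_op(blob, D)


def public_op(blob: bytes) -> bytes:
    """Public-key operation: encrypt or verify."""
    return _raw_op(blob, E)


def classify(blob: bytes) -> str:
    """Report how the private-key operation treats an input block."""
    try:
        private_op(blob)
        return "ok"
    except RSAInputError as exc:
        return str(exc)


if __name__ == "__main__":
    block = b"\x01" + b"digest-10b"                 # constructed 11-byte block
    sig = private_op(block)                         # private half signs
    print(public_op(sig).lstrip(b"\x00") == block)  # public half recovers it
    print(classify(b"A" * (MODLEN + 1)))            # longer than the modulus
    print(classify(b"\xff" * MODLEN))               # right length, value >= N
```

Because both halves share the one modulus `N`, the size limit is set when the key pair is generated; the public key cannot be made larger on its own.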