Hi Phillip, I'm not sure what you mean by "shouldn't be using public-key encryption", why? It seems like .Net sets up a nice class that is easily implemented, all I need is the key and the exponent and I can encrypt and decrypt when needed. I don't think I really have a choice about what to use, I recently started in a group that has a public and private key they are using to encrypt and then decrypt strings of data. I don't think I can change that. What would be the advantages of doing what you suggest and using symmetric encryption to encrypt and PK encryption for encrypting the key? I don't think we have a symmetric key because we are using RSA with a public and private key. If you think your approach is better please let me know and I will discuss it with my group and see if we can make a change.
I think we are using PKCS1 because the max length is 256 - 11.

On Wed, Jun 2, 2010 at 5:15 AM, Phillip Hellewell <ssh...@gmail.com> wrote:
> On Thu, May 27, 2010 at 2:20 PM, Chuck Pareto <chuckda...@gmail.com> wrote:
> > Hi,
> > I'm still unsure as to the max length string I can use to encrypt. I'm using
> > the rsacrypto class in .net to encrypt.
> > I know I can't pass in a string that's 256 bytes long or greater because
> > there is an exception that gets thrown. But as I work my way back in length
> > I still get exceptions with string lengths smaller than 256.
>
> If it's using PKCS1 padding (most common), then the max length is 11
> bytes less than the key size, so 256-11.
>
> But like David said, you shouldn't be using public-key encryption
> directly unless you know what you're doing. The normal approach is to
> use symmetric encryption (e.g., AES) to encrypt the data, and PK
> encryption for encrypting the symmetric key.
>
> Phillip
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
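
The "256 - 11" limit discussed in this thread, worked through as an added example (it is not part of the original messages and is not .NET or OpenSSL code): it builds the PKCS#1 v1.5 encryption block by hand to show where the 11 bytes go and that the limit counts encoded bytes, not string characters. The function names are hypothetical and the 256-byte (2048-bit) modulus is an assumption taken from the numbers quoted above.

```python
import os

OVERHEAD = 11  # 0x00 + 0x02 + at least 8 padding bytes + 0x00 separator


def max_message_len(modulus_bytes: int) -> int:
    """Largest plaintext, in bytes, that PKCS#1 v1.5 encryption padding accepts."""
    return modulus_bytes - OVERHEAD


def nonzero_random(n: int) -> bytes:
    """Return n random bytes, none zero (a zero byte ends the padding string)."""
    out = bytearray()
    while len(out) < n:
        out += bytes(b for b in os.urandom(n - len(out)) if b)
    return bytes(out)


def eme_pkcs1_v15_encode(message: bytes, modulus_bytes: int) -> bytes:
    """Build EM = 0x00 || 0x02 || PS || 0x00 || M as in RFC 8017, section 7.2.1."""
    if len(message) > max_message_len(modulus_bytes):
        raise ValueError("message too long")
    ps = nonzero_random(modulus_bytes - len(message) - 3)
    return b"\x00\x02" + ps + b"\x00" + message


def eme_pkcs1_v15_decode(em: bytes) -> bytes:
    """Strip the padding again. Illustrative only: not constant-time."""
    sep = em.find(b"\x00", 2)
    if em[:2] != b"\x00\x02" or sep < 10:  # sep < 10: no separator or PS < 8
        raise ValueError("decryption error")
    return em[sep + 1:]


def fits_in_one_block(text: str, modulus_bytes: int, encoding: str = "utf-8") -> bool:
    """The limit counts encoded bytes, not characters of the string."""
    return len(text.encode(encoding)) <= max_message_len(modulus_bytes)


if __name__ == "__main__":
    k = 256  # assumed 2048-bit key, i.e. a 256-byte modulus
    for n in (245, 246):
        try:
            em = eme_pkcs1_v15_encode(b"A" * n, k)
            print(n, "bytes -> encoded block of", len(em), "bytes")
        except ValueError as exc:
            print(n, "bytes ->", exc)
    print(fits_in_one_block("A" * 200, k, "utf-16-le"))  # 200 chars, 400 bytes
```
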