aspose file tools*
The moose likes Java in General and the fly likes RSA encryption Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "RSA encryption" Watch "RSA encryption" New topic
Author

RSA encryption

Christopher Chan
Greenhorn

Joined: Jul 10, 2011
Posts: 3
Hey guys i need to encrypt FILES OF ANY EXTENSION using RSA without a size limit.
I know RSA isn't suppose to be used for large files but my supervisor is insisting on it.
Can you guys please enlighten me on how to do it? much thanks in advance.


This is the code i used to encrypt and decrypt. it allows me to encrypt and decrypt small text files, however i am unable to encrypt big files like pdf files, the program returns an empty encrypted files. i have done some research on forums and some people reccommend using byte by byte encryption or split the file and recombine. please advise on how to code.
James Sabre
Ranch Hand

Joined: Sep 07, 2004
Posts: 781

One can RSA encrypt the whole file by breaking the file into sections shorter than the RSA modulus (-11 bytes if one uses PKCS1 padding) but this is very very very slow. The standard approach to RSA encryption of files of any length is to use a hybrid approach. One uses a symmetric encryption (AES, Blowfish , DES etc) to actually encrypt the data using a random 'session' key and one only uses RSA to encrypt the session key. The encrypted file then consists of the concatenation of the encrypted session key and the symmetric encrypted file content. To decrypt one just extracts the encrypted session key, RSA decrypts it then using the symmetric algorithm decrypts the file content using this session key.

There is a good description of the approach in section 13.6 of "Practical Cryptography" by Ferguson and Schneier. PGP uses this general approach but the detail differs from that described in section 13.6 .

Retired horse trader.
 Note: double-underline links may be advertisements automatically added by this site and are probably not endorsed by me.
Campbell Ritchie
Sheriff

Joined: Oct 13, 2005
Posts: 39869
    
  28
Welcome to the Ranch

I have added some new lines to your code because long lines are difficult to read. I shall move this discussion because it is too difficult for "beginning".
Christopher Chan
Greenhorn

Joined: Jul 10, 2011
Posts: 3
James Sabre wrote:One can RSA encrypt the whole file by breaking the file into sections shorter than the RSA modulus (-11 bytes if one uses PKCS1 padding) but this is very very very slow. The standard approach to RSA encryption of files of any length is to use a hybrid approach. One uses a symmetric encryption (AES, Blowfish , DES etc) to actually encrypt the data using a random 'session' key and one only uses RSA to encrypt the session key. The encrypted file then consists of the concatenation of the encrypted session key and the symmetric encrypted file content. To decrypt one just extracts the encrypted session key, RSA decrypts it then using the symmetric algorithm decrypts the file content using this session key.

There is a good description of the approach in section 13.6 of "Practical Cryptography" by Ferguson and Schneier. PGP uses this general approach but the detail differs from that described in section 13.6 .


i have considered that but my supervisor is adamant on having rsa by itself. mind advising on how to split and recombine? much thanks
Christopher Chan
Greenhorn

Joined: Jul 10, 2011
Posts: 3
Campbell Ritchie wrote:Welcome to the Ranch

I have added some new lines to your code because long lines are difficult to read. I shall move this discussion because it is too difficult for "beginning".


much thanks
Campbell Ritchie
Sheriff

Joined: Oct 13, 2005
Posts: 39869
    
  28
You're welcome
Wouter Oet
Saloon Keeper

Joined: Oct 25, 2008
Posts: 2700

I don't know the answer to your problem but you do need to take another look at your code.
If cos.write() throws an exception then the stream will not be closed.


"Any fool can write code that a computer can understand. Good programmers write code that humans can understand." --- Martin Fowler
Please correct my English.
James Sabre
Ranch Hand

Joined: Sep 07, 2004
Posts: 781

Christopher Chan wrote:
i have considered that but my supervisor is adamant on having rsa by itself. mind advising on how to split and recombine? much thanks


1) Create the encryption Cipher to be RSA with ECB and PKCS1 padding.
2) Create a buffer of length the RSA modulus size in bytes - 11.
3) Open the cleartext file with a FileInputStream.
4) Open the ciphertext file with FiileOutputStream
5) Loop reading the cleartext stream into the buffer. After each read use the Cipher.doFinal() method to encrypt the buffer - make sure you use the number of bytes actually read by the read(buffer) method. Write the output from the Cipher.doFinal() to the ciphertext stream.

To decrypt, reverse the process.

Points to note -
a) when decrypting one needs a buffer of the size (in bytes) of the RSA modulus.
b) an InputStream.read(byte array) does not guarantee to read the number of bytes requested and on decryption you MUST MUST MUST read a ciphertext block at a time; partial blocks will not decrypt properly. Use DataInputStream.readFully() to guarantee the length read.

When I do anything along these line I first make sure I can perform the read and write operation flawlessly without actually encrypting or decrypting the file.
Ove Lindström
Ranch Hand

Joined: Mar 10, 2008
Posts: 326

Try: rsa encode big files java

You get a lot of good hits there.
Pat Farrell
Rancher

Joined: Aug 11, 2007
Posts: 4659
    
    5

Christopher Chan wrote:i have considered that but my supervisor is adamant on having rsa by itself. mind advising on how to split and recombine? much thanks


Your supervisor *must* be educated. S/He is wrong. Its an evil and broken requirement. The standard practice is to create a session key randomly. Encrypt and send the session key to the other end, and use DES/3DES/AES to encipher the long text.

RSA can ONLY work with the number of bits that the key is. It can not encipher nor decipher anything longer. You could break up the long file into lots and lots of small packets, and do each separately.

Have your boss hire an expert.

Bad crypto code is weak. It is easy to write bad crypto code.

It is possible that there is even a simple attack possible when you send lots of packages all enciphered with the same key, that a weakness that no one has found so far will show up.

Do not do what your boss asks if you want to be able to say that you did a good job at security. Period.
James Sabre
Ranch Hand

Joined: Sep 07, 2004
Posts: 781

Pat Farrell wrote:
Christopher Chan wrote:i have considered that but my supervisor is adamant on having rsa by itself. mind advising on how to split and recombine? much thanks


Your supervisor *must* be educated. S/He is wrong. Its an evil and broken requirement. The standard practice is to create a session key randomly. Encrypt and send the session key to the other end, and use DES/3DES/AES to encipher the long text.


Since this was originally posted in the "Beginning Java" forum I initially assumed that it was a school/college/university assignment. But it seems unlikely that such a complex topic could be part of a Java 101 course so I changed my mind and my first response assumed that it had just been posted in the wrong forum and I suggested the hybrid approach. When the OP wrote "my supervisor is adamant on having rsa by itself" I went back to my first thought and assumed that by 'supervisor' the OP meant his school/college/university project supervisor.

If this is for a school/college/university assignment for somebody learning Java then it is a bad assignment. If it is for the OP's work then his supervisor is an idiot.

The comments in the code lead me to believe that the code posted is a distortion of something posted on the WWW but though I can find similar comments I can't find them associated with RSA.
Pat Farrell
Rancher

Joined: Aug 11, 2007
Posts: 4659
    
    5

James Sabre wrote:If this is for a school/college/university assignment for somebody learning Java then it is a bad assignment. If it is for the OP's work then his supervisor is an idiot.

In an effort to keep the ranch here friendly, I"d say the supervisor is naive and uneducated about the complexity of proper cryptographic software.

Even if you use AES or some other proper symmertic block cipher, they all work on small blocks at a time, and it is terrible to use the same key for each one. That is why the block-chaining modes were invented and standardized. You never cipher multiple blocks with the exact same key.

 
 
subject: RSA encryption