chavdar yotov wrote:Would you have any tips on how to avoid said byte loss, Richard?
The rest of my code works as intended, as it's a simple RSA encryption, which has been tested thoroughly. The issue here is the conversion and reversal, as it's the newest element, which I'm having issues with. If you'd insist, I'll get on to posting more of it.
Since you are not using the JCE I have to assume that this is a homework assignment.
Using your splitting approach one could end up with the last block having just one byte and if one uses RSA on a small value (such as 1 byte) then the private exponent can be easily deduced. This security problem is removed in real world RSA by using PKCS1 padding (Google is your friend) but it doesn't totally remove the leading zero problem because your the ciphertext generated for a block may itself have a leading zero so you will lose synchronization. This loss of synchronisation can be avoided by padding with zeros each block of ciphertext to a fixed length (normally the length of the RSA modulus).
Just for information, since this is probably homework I assume you can't use this approach but the normal approach to using RSA on large data is to use a hybrid approach. One generates a random key for use in a block cipher such as AES or Blowfish and one uses that cipher and random key to encrypt the data. One then only encrypts the random key with RSA. The encrypted output is then -
<RSA encrypted key length><RSA encrypted key><Block cipher encrypted PKCS5 padded data>
The RSA algorithm is very slow when compared to block cipher algorithms so this hybrid approach has the added advantage of being much faster for intermediate/long files than pure RSA.