If RSA is limited to 117-200 bytes or so, is that a very limited use case?

Question

Am I missing something, or is RSA very very limiting when it comes to ecrypting data when it comes to the actual message size?

I have read that you can only encrypt a message of around 117 to 200 bytes in size (depending on your key size: 1024 or 2048 bits). Is this correct?

If so, I think I have read people suggesting on using it for larger files. I guess they are just repeating the process many times over and over in blocks of 117 bytes?

http://en.wikipedia.org/wiki/RSA_(algorithm) doesn't say anything about a limit. — Robert Harvey, Jun 04 '13 at 19:06
You are correct in that RSA can be used to encrypt larger blocks by repeatedly encrypting each block. As to how this can be done, see https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation — , Jun 04 '13 at 19:07
@RobertHarvey I seem to read about the limit in forums everywhere, isn't the limit 117-200 bytes? — user1361315, Jun 04 '13 at 19:10
@RobertHarvey An RSA modulus is typically between 1024 and 4096 bits, minus padding this allows you to put a few hundred bytes in it. In theory it's possible to split the message into multiple RSA blocks to overcome the limit, but there are no standard ways of doing this because it's a really dumb idea. — CodesInChaos, Jun 04 '13 at 19:15
Some people call RSA a block cipher, but that is not a useful way of viewing it. RSA certainly doesn't fulfill the security requirements of a block cipher, and it can't be used in typical modes of operation. — CodesInChaos, Jun 04 '13 at 19:27
Technically it encrypts one block of data at a time, however it is so processor intensive it is not practical for use as a general purpose block cipher. Thus, nobody has done the work of refining it for use as a block cipher. — John Deters, Jun 04 '13 at 21:21
possible duplicate of How can I use asymmetric encryption, such as RSA, to encrypt an arbitrary length of plaintext? — Gilles 'SO- stop being evil', Jun 05 '13 at 12:26

score 7 · Accepted Answer · answered Jun 04 '13 at 19:12

7

In practice, asymmetric algorithms like RSA are usually used for key transport. In other words, instead of a true message, they are used to encrypt a secret key for a symmetric cipher.

That symmetric cipher key is used to encrypt the actual message, and that could be gigabytes, depending on the algorithm.

Standards like TLS, PGP, and S/MIME use RSA in this way.

By the way, a limit of 117 bytes is for a 1024-bit RSA key. Keys that small are no longer recommended.

answered Jun 04 '13 at 19:12

erickson

1,045
8
10

I see, so its often used to encrypt say a AES key, but the message is encrypted using AES. – user1361315 Jun 04 '13 at 19:18
@user1361315 Exactly. – erickson Jun 04 '13 at 19:20

score 0 · Answer 2 · answered Jun 04 '13 at 19:09

0

RSA is typcially used for a Symmetric Key Exchange, so most cases dont need more bytes. You can,however repeat the encryption for each block of the message.

answered Jun 04 '13 at 19:09

Chris Kooken

101
1

score 0 · Answer 3 · answered Jun 04 '13 at 19:11

0

The normal way to encrypt larger data blocks is to use a symmetric crypto algorithm to encrypt the actual data, and then encrypt the symmetric key using RSA.

answered Jun 04 '13 at 19:11

Joachim Isaksson

141
2

If RSA is limited to 117-200 bytes or so, is that a very limited use case?

3 Answers3

Related