How does RSA work while encrypting a sentence?

Posted 2020-04-11 14:14

Question:

I'm learning about RSA encryption and I have understood how to encrypt a single letter. I have problems understanding how RSA works when encrypting a sentence.

E.g. single letter encryption: A
Encryption = A^e (mod n)

But in a sentence, e.g. sentence encryption: Hello World

Does each word get encrypted or does the sentence as a whole get encrypted?

Answer 1:

Neither. In practice RSA is almost always coupled with a symmetric cipher such as AES to encrypt larger ciphertext.

RSA in itself certainly doesn't distinguish between words and sentences. RSA - the cryptographic primitive - operates on numbers. RSA as defined in PKCS#1, where the modular exponentiation is preceded or followed by padding / unpadding, however, operates on bits. In turn, cryptographic libraries operate on bytes, as a byte is generally the smallest element that can be addressed directly within memory.

For RSA to be secure it needs to be used with a secure padding mode such as PKCS#1 v1.5 compatible padding or OAEP. However, that will only allow relatively small messages to be encrypted. So RSA is commonly used to encrypt a randomly generated AES key (16, 24 or 32 bytes), which is then used to encrypt the actual plaintext message of almost any size. It is also possible to use e.g. RSA-KEM to establish a particular key rather than to encrypt one directly. Using RSA and AES together is called a hybrid cryptosystem as it comprises both asymmetric and symmetric encryption.


If you want to use textbook / raw RSA for practice then you can encrypt any kind of number, as long as it is smaller than the modulus. Now how you split your message into small enough components and how you convert to / from a number is entirely up to you - as long as you can reverse the process, obviously.

Usually you just take a few 8-bit Latin characters together, say 4, convert them to a 32 bit unsigned number, and use that number in your RSA calculations. Then you take the next 4 etc. You can pad with spaces where required.

Kind of obviously you run into immediate problems if your number is too small (1 to the power of the public exponent is still 1, after all, not very secure even with a large key size); to secure RSA a secure padding method is required. Similarly, usually the key sizes that are used to practice RSA are too small (smaller than 512 bits) to provide any kind of security.
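The block-wise textbook scheme described in the answer above, as an added example that is not part of the original answer. The key (two small Mersenne primes with e = 65537), the function names and the sample strings are assumptions chosen for the demo; it also shows why the lack of padding is a problem.

```python
# Textbook (unpadded) RSA over 4-character blocks. Study aid only: not secure.
# Assumed toy key: two well-known Mersenne primes, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q                          # modulus, larger than any 32-bit block
E = 65537                          # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)
BLOCK = 4                          # 4 Latin-1 characters -> one 32-bit number


def to_blocks(text):
    """Encode text as Latin-1, pad with spaces, split into 32-bit integers."""
    data = text.encode("latin-1")
    data += b" " * (-len(data) % BLOCK)
    return [int.from_bytes(data[i:i + BLOCK], "big")
            for i in range(0, len(data), BLOCK)]


def from_blocks(numbers):
    """Reverse to_blocks: 32-bit integers back to a (space-padded) string."""
    return b"".join(m.to_bytes(BLOCK, "big") for m in numbers).decode("latin-1")


def encrypt(text):
    """c = m^e mod n, applied independently to every block."""
    return [pow(m, E, N) for m in to_blocks(text)]


def decrypt(cipher):
    """m = c^d mod n for every block, then rebuild the string."""
    return from_blocks([pow(c, D, N) for c in cipher])


def weaknesses():
    """Two consequences of omitting padding (inputs constructed for the demo)."""
    one_stays_one = pow(1, E, N) == 1   # 1^e is still 1
    repeated = encrypt("abcdabcd")      # two identical plaintext blocks
    return one_stays_one, repeated[0] == repeated[1]


if __name__ == "__main__":
    cipher = encrypt("Hello World")
    print(cipher)
    print(repr(decrypt(cipher)))
    print(weaknesses())
```

The trailing space in the decrypted text is the block padding; identical plaintext blocks producing identical ciphertext blocks is one reason real deployments use OAEP and a hybrid scheme instead.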