如何使用RSA加密大文件?

huangapple go评论112阅读模式
英文:

How to encrypt large file with RSA?

问题

代码 https://play.golang.org/p/CUEqjsJq5c

错误:

panic: crypto/rsa: RSA 公钥大小不足以容纳该消息

goroutine 1 [running]:
panic(0x4a6d80, 0xc420010420)
	/usr/local/go/src/runtime/panic.go:500 +0x1a1
main.main()
	/tmp/sample.go:28 +0xfa

文件大小为 811 字节(用于测试加密自身源文件)。我想加密一些更大的文件,1 到 500 MB。我可以使用 RSA 进行加密吗,还是需要使用其他方法?

英文:

Code https://play.golang.org/p/CUEqjsJq5c

Error:

panic: crypto/rsa: message too long for RSA public key size

goroutine 1 [running]:
panic(0x4a6d80, 0xc420010420)
	/usr/local/go/src/runtime/panic.go:500 +0x1a1
main.main()
	/tmp/sample.go:28 +0xfa

File size 811 byte (for test encrypt self source file). I want encrypt some bigger files, 1..500 mb. Can I do it with RSA or need use some other methods?

答案1

得分: 16

RSA只能加密比(或等于)密钥长度小的数据。

解决方法是使用对称算法(如AES)对数据进行加密,该算法专门设计用于加密小型和大型数据。

如果需要RSA公钥/私钥对来加密对称(AES)密钥,则可以使用RSA对数据进行混合加密。这被称为混合加密,实质上就是HTTPS加密数据的方式。

但是,除非需要公钥/私钥对,否则通常不需要对对称密钥进行RSA加密。一般情况下,只需使用对称(AES)密钥即可。公钥/私钥对的使用场景是什么?

英文:

RSA can only encrypt data smaller than (or equal to) the key length.

The answer is to encrypt the data with a symmetric algorithm such as AES which is designed to encrypt small and large data.

If an RSA public/private key pair are required encrypt the symmetric (AES) key with RSA. This is referred to as hybrid encryption and in essence is how HTTPS encrypts data.

But it is may not necessary to RSA encrypt the symmetric key unless a public/private key pair are required. In the general case one just uses symmetric (AES) and that key. What is the use case for a public/private key pair?

答案2

得分: 15

如果您不想对文件进行分块处理,可以采取以下方法:

  1. 在传输过程中生成一个随机对称密钥 R
  2. 使用对称密钥 R 对大文件进行加密,生成 EF=Sym(F, R)
  3. 使用非对称 RSA 公钥对对称密钥 R 进行加密,生成 ER=ASym(PublicKey, R)
  4. 将加密文件 EFER 一起发送。

加密过程:

+---------------------+      +--------------------+
|                     |      |                    |
| 生成随机密钥 (R)     |      |   大文件 (F)        |
|                     |      |                    |
+--------+--------+---+      +----------+---------+
         |        |                     |
         |        +------------------+  |
         |                           |  |
         v                           v  v
+--------+------------+     +--------+--+------------+
|                     |     |                        |
| 使用您的 RSA 公钥加密 |     | 使用对称密钥 (R) 加密   |
| (ASym(PublicKey, R)) |     | (Sym(F, R))            |
|                     |     |                        |
+----------+----------+     +------------+-----------+
           |                             |
           +------------+ +--------------+
                        | |
                        v v
         +--------------+-+---------------+
         |                                |
         |   将这些文件发送给对等方         |
         |                                |
         |     ASym(PublicKey, R) + EF    |
         |                                |
         +--------------------------------+

解密过程:

   +----------------+        +--------------------+
   |                |        |                    |
   | EF = Sym(F, R) |        | ASym(PublicKey, R) |
   |                |        |                    |
   +-----+----------+        +---------+----------+
         |                             |
         |                             |
         |                             v
         |   +-------------------------+-----------------+
         |   |                                           |
         |   |             恢复密钥 (R)                  |
         |   |                                           |
         |   | R <= ASym(PrivateKey, ASym(PublicKey, R)) |
         |   |                                           |
         |   +---------------------+---------------------+
         |                         |
         v                         v
     +---+-------------------------+---+
     |                                 |
     |       恢复文件 (F)               |
     |                                 |
     |      F <= Sym(Sym(F, R), R)     |
     |                                 |
     +---------------------------------+
英文:

If you don't want to chunk the file, an approach is:

  1. Creating a random symmetric key R on the air,
  2. Encrypting the large file with the symmetric key R to create EF=Sym(F, R),
  3. Encrypting the symmetric key R with an asymmetric RSA public key to create ER=ASym(PublicKey, R),
  4. Sending the encrypted file EF alongside ER.

Encryption:

+---------------------+      +--------------------+
|                     |      |                    |
| generate random key |      |   the large file   |
|        (R)          |      |        (F)         |
|                     |      |                    |
+--------+--------+---+      +----------+---------+
         |        |                     |
         |        +------------------+  |
         |                           |  |
         v                           v  v
+--------+------------+     +--------+--+------------+
|                     |     |                        |
| encrypt (R) with    |     | encrypt (F)            |
| your RSA public key |     | with symmetric key (R) |
|                     |     |                        |
|  ASym(PublicKey, R) |     |     EF = Sym(F, R)     |
|                     |     |                        |
+----------+----------+     +------------+-----------+
           |                             |
           +------------+ +--------------+
                        | |
                        v v
         +--------------+-+---------------+
         |                                |
         |   send this files to the peer  |
         |                                |
         |     ASym(PublicKey, R) + EF    |
         |                                |
         +--------------------------------+

Decryption:

   +----------------+        +--------------------+
   |                |        |                    |
   | EF = Sym(F, R) |        | ASym(PublicKey, R) |
   |                |        |                    |
   +-----+----------+        +---------+----------+
         |                             |
         |                             |
         |                             v
         |   +-------------------------+-----------------+
         |   |                                           |
         |   |             restore key (R)               |
         |   |                                           |
         |   | R <= ASym(PrivateKey, ASym(PublicKey, R)) |
         |   |                                           |
         |   +---------------------+---------------------+
         |                         |
         v                         v
     +---+-------------------------+---+
     |                                 |
     |       restore the file (F)      |
     |                                 |
     |      F <= Sym(Sym(F, R), R)     |
     |                                 |
     +---------------------------------+

huangapple
  • 本文由 发表于 2016年10月25日 23:24:42
  • 转载请务必保留本文链接:https://go.coder-hub.com/40243857.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定