-2

i want to use hybrid encryption technique which involves the combination of AES technique as well as RSA technique for encrypting the block of data.Since this technique involves the generation of random key for encrypting the data using AES algorithm and then RANDOM KEY is also encrpyted by a public key using RSA algorithm. But i am confused about what algorithm will be used here to generate my random key as well as public key. will a single key generation algorithm be used to generate both the random key as well as the public key?? or two different methods should i use for generating these keys??? please clear my confusion by giving a suitable solution.

goaround
  • 9
  • Welcome to Stackoverflow. This site is for questions directly related to programming only. This question would belong on crypto.stackexchange.com, but I would recommend you to get a better knowledge about the cryptography field first; you are bound to make mistakes otherwise that may easily nullify the security you are trying to achieve. – Maarten Bodewes Jul 06 '13 at 22:48

1 Answers1

1

Public / private key pairs are related mathematically, and so require a significantly different algorithm to generate them. They have very specific properties, which is also why you need such a large key (1024 bits or more) to have a secure key.

Symmetric ciphers such as AES use much shorter keys because the cipher does not rely on any specific mathematical properties of the key itself. That's why you can get good security with just a 128-bit key from AES.

Typically, the architecture you're describing uses AES with a one-time random session key to encrypt the bulk data, and then the private key encrypts the AES session key. The public/private key pair get generated ahead of time and are used for multiple messages. The session key changes message-to-message. (That's the basic idea behind PGP, as I recall.)

If you don't understand the differences between these elements and how they're used, might I suggest you rely on already-proven software such as GPG, PGP or libraries based on them?

Joe Z
  • 17,413
  • 3
  • 28
  • 39
  • ThankYou for the answer.But right now i simply want to know the algorithm behind generating these two different keys together theoretically and not to use the software like GPG, PGP .Though i know they work for the same.i want some theoritical solution to it rather than practical implementation. – goaround Jul 06 '13 at 19:36
  • Should i use pseudo random number generator algorithm to generate a random key first and then use some other algorithm for generating public key?? – goaround Jul 06 '13 at 19:46
  • The *public* key encrypts the session key. @goaround You have to use the RSA key generation process to generate RSA key pairs. – user207421 Jul 06 '13 at 22:19