0

I've got a problem. I'm using pycrypto and rsa. I want to generate my rsa keys. Then I want to send my public key (in binary or base64 or similar) but first I want to encrypt it with server public. Because I want to be sure that no one is sniffing and my public needs to be not well known.

And then the problem starts. Because when I'm encrypting my public key, after decrypting it, decrypted data is unreadable.

And I have no idea why. When I exchange publics and send normal data (not public keys) encrypting works. I can't find sollution to how send my public encrypted.

Can someone help me? Every comment will be useful

My code:

  random_generator = Random.new().read
  self.private_key = RSA.generate(1024, random_generator)
  self.public_key = self.private_key.publickey()
  keytoexport =self.public_key.exportKey(format='PEM', passphrase=None)

  #client encrypting to server
  def _encrypt(self, content):
    return self.server_public_key.encrypt(content, 32)

  #server decrypting content
  def _decrypt(self, content):
     return self.parent.private_key.decrypt(content)

Im sending datagram by client like that.

def send_datagram(self, datagram):
    datagram = pickle.dumps(datagram)
    self.socket.sendall(datagram)
    response_server = self.socket.recv(2048)
    return pickle.loads(response_server)

And retriving it to server like that.

receive_socket = self.request
ask = receive_socket.recv(2048).strip()
John Powell
  • 12,253
  • 6
  • 59
  • 67
Kamil
  • 35
  • 7
  • 1
    What is the size of server's public key? because `plaintext (byte string or long) - The piece of data to encrypt with RSA. It may not be numerically larger than the RSA module (n).` – Dima Tisnek Jan 12 '15 at 13:23
  • What is the `32` stand for in the call to `encrypt`? – Maarten Bodewes Jan 12 '15 at 14:15
  • @MaartenBodewes-owlstead 32 is :Parameter K: A random parameter (*for compatibility only. This value will be ignored*) Type K: byte string or long – Kamil Jan 12 '15 at 14:18
  • @qarma When i export public key its a normal string not long. – Kamil Jan 12 '15 at 14:22

1 Answers1

1

The public key of a key pair is by definition longer than the modulus, as it contains the modulus. The modulus will be 128 bytes as it defines the key size for RSA. So by definition you cannot encrypt an RSA key with a key of the same size.

So you can do things:

  1. require the server key to be (much) larger than the public key of the client;
  2. or you can use hybrid crypto, where you encrypt the public key with a random AES session key, which is in turn encrypted with the public key of the server.

You need to consider padding oracle attacks for both RSA encryption and for AES if you choose to implement this scheme. So use OAEP/AES-GCM or OAEP/AES-CBC/HMAC as encryption schemes or you might as well post your public key here.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • You are my damn HERO! I set rsa key long on 4096 and client 1024 and it worked. But the time of program is now 10x slower but it works ;) Thx a lot. – Kamil Jan 12 '15 at 15:07
  • 2048 should work too. The difference required is 11 or 50-something bytes, depending if PKCS#1 v1.5 or OAEP padding is used for RSA. – Maarten Bodewes Jan 12 '15 at 15:16
  • Hmm but could you tell me why i have same problem as before encrypting by rsa serwer(4096 key) message to client(1024 key). Message to client is unreadable when his key is smaller. – Kamil Jan 12 '15 at 18:13
  • Well, one of the two has to be bigger than the other. RSA encryption is not suitable for larger size messages. That's why it is usually used to encrypt a randomly generated key, which in turn encrypts the message (or other key). This is called a hybrid cryptosystem, because it uses both asymmetric crypto (e.g. RSA) and symmetric crypto (e.g. AES) to encrypt one message. – Maarten Bodewes Jan 12 '15 at 18:21
  • Ok, so i will use aes. Thank you on more time :) – Kamil Jan 12 '15 at 18:39