2

I need a way to allow multiple people encrypting various files but only one party been able to read them all. I wrote a program in Go by following various online examples but at some point I got the following error:

Error from encryption: crypto/rsa: message too long for RSA public key size

Is RSA the wrong way to go? Is it ok if I break the file into multiple chunks and encrypt them? Is there an asymmetric block cipher that I can easily use?

I read the discussion here and it is said that RSA is not the proper way to go.

Can you also provide with an example?

Community
  • 1
  • 1
Anastasios Andronidis
  • 6,310
  • 4
  • 30
  • 53
  • If this is a serious project with substantial users you really need to get a cryptographic domain expert involved, security is very hard to get correct. – zaph Nov 01 '16 at 02:19

2 Answers2

0

If you need public key asymmetric encryption for data larger than the key size you need to use hybrid encryption. Essentially this is how HTTPS works.

Hybrid encryption is where the data is encrypted with symmetric key encryption such as AES and that key is encrypted with asymmetric key encryption such as RSA or EC (Elliptic Curve) Cryptography.

Do not break the file into multiple chunks and encrypt them.

zaph
  • 111,848
  • 21
  • 189
  • 228
  • Hi! Do you thing something like PGP would do the job for me? I see that golang supports a PGP implementation in its core library: https://godoc.org/golang.org/x/crypto/openpgp – Anastasios Andronidis Nov 01 '16 at 06:36
0

So I ended up using GPG and my service has one unique private key and I share the public one with my users.

Anastasios Andronidis
  • 6,310
  • 4
  • 30
  • 53