4

I'm learning about RSA encryption and I have understood how to encrypt a single letter. I have problems understanding how does RSA work while encrypting a sentence.

For eg: Single letter encryption: A
Encryption= A^e (mod n)

But in a sentence. For eg: Sentence encryption: Hello World

Does each word get encrypted or does the sentences as a whole get encrypted?

kelalaka
  • 5,064
  • 5
  • 27
  • 44
Ethan
  • 77
  • 1
  • 9

1 Answers1

8

Neither. In practice RSA is almost always coupled with a symmetric cipher such as AES to encrypt larger ciphertext.

RSA in itself certainly doesn't distinguish between words and sentences. RSA - the cryptographic primitive - operates on numbers. RSA as defined in PKCS#1, where the modular exponentiation is preceded or followed by padding / unpadding however operates on bits. In turn, cryptographic libraries operate on bytes, as a byte is generally the smallest element that can be addressed directly within memory.

For RSA to be secure it needs to be used with a secure padding mode such as PKCS#1 v1.5 compatible padding or OAEP. However, that will only allow relatively small messages to be encrypted. So RSA is commonly used to encrypt a randomly generated AES key (16, 24 or 32 bytes), which is then used to encrypt the actual plaintext message of almost any size. It is also possible to use e.g. RSA-KEM to establish a particular key rather than to encrypt one directly. Using RSA and AES together is called a hybrid cryptosystem as it both comprises of asymmetric and symmetric encryption.

If you want to use textbook / raw RSA for practice then you can encrypt any kind of number, as long as it is smaller than the modulus. Now how you split your message into small enough components and how you convert to / from a number is entirely up to you - as long as you can reverse the process, obviously.

Usually you just take a few 8-bit Latin characters together, say 4, convert them to a 32 bit unsigned number, and use that number in your RSA calculations. Then you take the next 4 etc. You can pad with spaces where required.

Kind of obviously you run into immediate problems if your number is too small (1 to the power of the public exponent is still 1, after all, not very secure even with a large key size); to secure RSA a secure padding method is required. Similarly, usually the key sizes that are used to practice RSA are too small (smaller than 512 bits) to provide any kind of security.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • Thank you very much for the clarification. So when RSA is specified it means that RSA is only used for key exchange? – Ethan Aug 15 '19 at 18:36
  • 1
    RSA *when used for encryption* is commonly paired with a symmetric cipher. RSA for signature generation commonly includes a cryptographic hash such as SHA-256. I don't like the word "exchange" in key exchange, but yeah, it is commonly used for key establishment (direct encryption / decryption or key agreement / derivation). – Maarten Bodewes Aug 15 '19 at 18:43
  • How is digital signature generation done with RSA? Does it encrypt the whole file together or in small chunks? – Ethan Aug 15 '19 at 19:11
  • No, it hashes the data, pads the hash and then performs modular exponentiation with the private key, which is different from performing encryption (if just because you would not expect to be able to "decrypt" with a *public* key, encryption is performed to achieve confidentiality). – Maarten Bodewes Aug 15 '19 at 20:20