Encrypted AES key too large to Decrypt with RSA (Java)?

Edit: I misunderstood the problem. You should use a larger RSA key, for instance RSA 4096 allows you to encrypt 501 bytes. You can try using AES in OFB mode which will allow you to encrypt a message of an arbitrary size.

Alternately you could use a stream cipher like RC4 which will also allow you to encrypt an arbitrary sized message. If you go with RC4 make sure to use RC4-drop1024 which just means you throw away the first 1024 bytes of cipher text. The first 1024 bits of RC4 are predictable and this as well as many other issues led to the downfall of WEP used to secure Wi-Fi.

Another problem with RC4 is that you cannot reuse the PRNG stream. Basically you must use a different key for each message or an attacker can break the system pretty easily using nothing more than XOR. I'd go with AES in OFB mode, but RC4 can be used securely. All other block cipher modes will always produce a message divisible by their block size.

For instance AES 128 in CBC mode will always produce a message divisible by 128 bits. If the message is smaller than 128 bits it's often padded with nulls. If this is a string, then it should be null terminated and you don't have to worry.

On a side note, make sure you don't use ECB mode. Another problem is I don't see that you are using a rotating or randomized Initialization Vector (IV), which significantly weakens any block cipher. Failure to properly implement an IV is a recognized vulnerability by CWE-329.

Thanks for the suggestions, especially about IV, however the problem is not with the implementation of AES but rather RSA. Whenever I encrypt the 16 byte AES key (with RSA) the result comes out to 128 bytes, which is larger than RSA's 117 byte cap so I am unable to decrypt it. – Petey B May 3 '10 at 18:23

@Petey B Oh sorry, I misunderstood, that's an even easier problem to solve, just use a larger RSA key. For instance RSA 4096 allows you to encrypt 501 bytes. – Rook May 3 '10 at 18:31

All is well now, thank you – Petey B May 3 '10 at 18:31

@Petey B You're welcome, I'm happy to help. – Rook May 3 '10 at 18:33

This is so confusing. The size of the original RSA key should have been more than enough. And the reported error doesn't occur for the code posted. – GregS May 3 '10 at 23:59

When you use encryption, always specify padding. Otherwise, your clear-text will be padded to the block size. For example,

    Cipher aes = Cipher.getInstance("AES/CBC/PKCS5Padding");
    Cipher rsa = Cipher.getInstance("RSA/None/PKCS1Padding");

The AES key is only 16 bytes for 128-bit. So it should fit in any RSA block nicely.

– Petey B May 3 '10 at 15:15

The padding supported by each algorithm is dependent on the JCE implementation. The values in my example are the recommended settings for AES and RSA. – ZZ Coder May 3 '10 at 15:33

2 -1 s problem has absolutely nothing to do with the type of padding used. A block cipher will always produce blocks of the same size, and padding is a requirement. For instance AES 128 will always produce cipher text divisible by 128 bits. Unless of course you are using OFB mode. – Rook May 3 '10 at 17:45

It seems no matter which padding I specify (even NOPADDING) the encrypted AES key always comes out to 128 bytes – Petey B May 3 '10 at 18:03
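
The size relationship this thread turns on, as an added example (not code from the question or from either answer): with PKCS#1 v1.5 padding the plaintext limit is the modulus length minus 11 bytes, while the ciphertext is always exactly one modulus-length block, and that block is what decryption takes as input. The class name `RsaWrapSizes` and the helper `maxPlaintext` are made up for illustration, and the code assumes the default JDK provider with its standard `RSA/ECB/PKCS1Padding` transformation name.

```java
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;

public class RsaWrapSizes {
    // PKCS#1 v1.5 encryption padding uses 11 bytes of the modulus length.
    static int maxPlaintext(int modulusBits) {
        return modulusBits / 8 - 11;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a fresh 128-bit (16-byte) AES key.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        byte[] aesKey = kg.generateKey().getEncoded();

        // 1024 and 4096 bits are the two RSA sizes mentioned in the thread.
        for (int bits : new int[] {1024, 4096}) {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(bits);
            KeyPair kp = kpg.generateKeyPair();
            Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");

            // Encrypting 16 bytes yields one block as long as the modulus.
            rsa.init(Cipher.ENCRYPT_MODE, kp.getPublic());
            byte[] wrapped = rsa.doFinal(aesKey);

            // Decryption takes that modulus-sized block and strips the padding.
            rsa.init(Cipher.DECRYPT_MODE, kp.getPrivate());
            boolean roundTrip = Arrays.equals(aesKey, rsa.doFinal(wrapped));

            // One byte over the plaintext limit is rejected at encryption time.
            boolean oversizeRejected = false;
            rsa.init(Cipher.ENCRYPT_MODE, kp.getPublic());
            try {
                rsa.doFinal(new byte[maxPlaintext(bits) + 1]);
            } catch (GeneralSecurityException e) {
                oversizeRejected = true;
            }

            System.out.printf("RSA-%d: limit=%d key=%d ciphertext=%d roundTrip=%b oversizeRejected=%b%n",
                    bits, maxPlaintext(bits), aesKey.length, wrapped.length, roundTrip, oversizeRejected);
        }
    }
}
```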
