0

I am using a Chrome extension to encrypt data and post it over HTTPS to a PHP script that stores them into a MySQL database. Then, the database is dumped and sent to a secure environment where the data is decrypted.

For encryption I'm using a RSA-2048 public key that I ship with the extension.

The data is just an array of bytes (represented as integers) and the length of the array is always a multiple of five. Something like this:

var data = [255, 24, 16, 0, 34];

In RSA-2048 I can only encrypt up to 245 bytes. I don't want to encode these bytes in base64 because I will only be able to store 120 bytes of the original data. What is the most efficient encoding that is safe for transport in this case?

synack
  • 1,699
  • 3
  • 24
  • 50
  • It's not very clear what the question is. – JJJ Oct 23 '15 at 09:19
  • I'm gonna edit to make it clearer. – synack Oct 23 '15 at 09:19
  • 1
    Use RSA to encrypt a key for a say AES and then encrypt the data with that key. Then store `RSA(pub, sk)+AES(sk, data)`. – Dan D. Oct 23 '15 at 09:23
  • I don't want to use hybrid encryption. .. – synack Oct 23 '15 at 09:24
  • 1
    pidCrypt internally encodes the passed plaintext to base64 before encryption, so you can use "binary" strings. – Artjom B. Oct 23 '15 at 09:32
  • @ArtjomB. what do you mean by "binary string"? is it possible to convert the array above to such a binary string in javascript? – synack Oct 23 '15 at 09:34
  • @ArtjomB., something like they suggest here: http://stackoverflow.com/a/16363518/1336939 ? – synack Oct 23 '15 at 09:39
  • @synack No, I don't mean a string consisting of 0 and 1 characters. I actually mean the JavaScript equivalent of a byte array as a string without a particular encoding. I don't know how this is usually done, though. I would recommend not using pidCrypt for this and instead looking at forge or JSBN directly. – Artjom B. Oct 23 '15 at 11:38
  • @ArtjomB.: that's useful. thank you! – synack Oct 23 '15 at 13:00

1 Answers1

2

For encryption I'm using a RSA-2048 public key that I ship with the extension.

Why RSA?

Many security experts actively discourage the use of RSA in new protocols.

In RSA-2048 I can only encrypt up to 245 bytes. I don't want to encode these bytes in base64 because I will only be able to store 120 bytes of the original data. What is the most efficient encoding that is safe for transport in this case?

Commenter "Dan D" said (correctly): "Use RSA to encrypt a key for a say AES and then encrypt the data with that key. Then store RSA(pub, sk)+AES(sk, data)" to which you responded "I don't want to use hybrid encryption".

WHY?

If you're going to use RSA (which you really shouldn't!), the only way to do this safely and securely is to use hybrid encryption.

Interestingly, the 245 byte restriction you're alluding to in your question implies you're using PKCS#1 v1.5 padding, which is vulnerable to chosen-ciphertext attacks.

You have three choices here, really:

  1. Use libsodium.
  2. Use hybrid encryption.
  3. Be insecure.
Scott Arciszewski
  • 33,610
  • 16
  • 89
  • 206