Wrox Programmer Forums
|
BOOK: Beginning Cryptography with Java
This is the forum to discuss the Wrox book Beginning Cryptography with Java by David Hook; ISBN: 9780764596339
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning Cryptography with Java section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old January 23rd, 2007, 04:22 PM
Authorized User
 
Join Date: Jan 2007
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default update, doFinal and blocks

I'm suffering from some conceptual haziness. Perhaps someone could respond to the following questions; I'd certainly appreciate it.

First, in chapter two, there are the symmetric block ciphers. What exactly does block mean in this phrase? And are all symmetric key ciphers, block ciphers?

Second, are there blocks in asymmetric key ciphers? Are they the same thing, conceptually, as the blocks above?

Seems like a fundamental, but I'm not clear on when I need to use update, instead of just doFinal? I think I'm fairly straight on the idea that the algorithm can only process so much info at one time, but how do I know what that limit is?

 
Old January 23rd, 2007, 06:16 PM
dgh dgh is offline
Wrox Author
 
Join Date: Aug 2005
Posts: 206
Thanks: 0
Thanked 20 Times in 20 Posts
Default

Block means that the cipher processes data a block at a time.

Not all symmetric key ciphers are block ciphers though, RC4 for example is a stream cipher. Block ciphers themselves can also be used in a streaming mode.

Asymmetric key ciphers also have a concept of a block, but in this case the largest block that can be processed is determined by the mathematics of the algorithm - you can process a 20 byte block with a 1024 bit RSA key just as easily as a 40 byte one. A block cipher lock DES on the other hand requires a full block of input data (64 bits in this case).

doFinal is used to end the encryption process - it tells the underlying provider that it's time to flush any buffers and add, or remove, padding if necessary. How much data you can actually process with a given cipher is a combination of the block size and the mode you are using it in - for example CTR mode with a 16 bit counter is good for 64k before the counter starts to cycle.

Regards,

David

 
Old January 23rd, 2007, 06:50 PM
Authorized User
 
Join Date: Jan 2007
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default

So, if I'm encrypting a message with RSA, how do I know whether my message is larger than the block size? I assume I can research the algorithm and key size, but can I determine this programmatically?

If my message is larger than the max, do I just use update until I have less than the maximum block size left?



 
Old January 23rd, 2007, 07:34 PM
dgh dgh is offline
Wrox Author
 
Join Date: Aug 2005
Posts: 206
Thanks: 0
Thanked 20 Times in 20 Posts
Default

You shouldn't encrypt general messages with RSA. Use a symmetric cipher to encrypt the message and use RSA to encrypt and send the symmetric cipher key.

Regards,

David

 
Old January 24th, 2007, 11:58 AM
Authorized User
 
Join Date: Jan 2007
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default

David,

Clearly I'm a newbie, but I have read a couple of books. From this reading I realize its non-standard practice to encode actual data with RSA. However, that's what I'm being asked to do by a third party ( I'm a contractor ). I have little choice in this kind of thing.

So, my question to you is: Just how non-standard is this? Bare in mind that the data is pretty short. Less than 100bytes.

Thanks,
Chad



 
Old January 25th, 2007, 07:22 PM
dgh dgh is offline
Wrox Author
 
Join Date: Aug 2005
Posts: 206
Thanks: 0
Thanked 20 Times in 20 Posts
Default

It's certainly non-standard to encrypt multiple blocks of a message using RSA.

For short messages both OAEP and PKCS1 padding inject a certain amount of random data. For something like this the best bet would be to use OAEP - if you use it with SHA1 you'll lose a minimum of 41 bytes to padding so you'll need to chose your key size accordingly.

Regards,

David






Similar Threads
Thread Thread Starter Forum Replies Last Post
Building Blocks terry s Dreamweaver (all versions) 1 August 16th, 2005 02:42 PM
The 7 application blocks EricJ General .NET 0 June 30th, 2005 06:57 AM
buildng blocks terry s Dreamweaver (all versions) 11 January 24th, 2005 02:57 PM
Building Blocks terry s Dreamweaver (all versions) 1 January 12th, 2005 02:03 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.