[pycrypto] Bug in Crypto.PublicKey.RSA?

Dwayne C. Litzenberger dlitz at dlitz.net
Mon Sep 8 08:46:27 CST 2008

On Mon, Sep 08, 2008 at 10:42:01AM -0400, Dwayne C. Litzenberger wrote:
> On Sun, Sep 07, 2008 at 10:48:49PM -0700, Bill Broadley wrote:
>> Shouldn't RSA.generate(keysize, rpool.get_bytes) generate a key that is
>> keysize bits and that can encrypt that many bits?
> No.  RSA with an N-bit modulus can only guarantee encryption of up to N-1 
> bits.

I should also add that you should not be encrypting user data directly 
using RSA.  You _need_ padding like PKCS#1 if you want any security.  There 
are a ton of attacks on direct RSA encryption.

Like most of the things in PyCrypto, Crypto.PublicKey.RSA is a primitive 
that can be used to *build* a secure cryptosystem, but it doesn't provide 
any meaningful security by itself.

  - Dwayne

Dwayne C. Litzenberger <dlitz at dlitz.net>
  Key-signing key   - 19E1 1FE8 B3CF F273 ED17  4A24 928C EC13 39C2 5CF7
  Annual key (2008) - 4B2A FD82 FC7D 9E38 38D9  179F 1C11 B877 E780 4B45
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.dlitz.net/pipermail/pycrypto/attachments/20080908/c252807c/attachment.pgp 

More information about the pycrypto mailing list