
Asymmetric Encryption

Asymmetric encryption is a type of encryption where a pair of keys is used to encrypt and decrypt electronic information. The key pair consists of a public key and a private key. The public key is used to encrypt the information and the private key is used to decrypt it.

Order of preference

  1. Well-Known Libraries
  2. ECC
  3. RSA-KEM: RSA Key Encapsulation Mechanism
  4. RSA-OAEP: RSA Optimal Asymmetric Encryption Padding
danger

The latter part of this document will cover the RSA encryption process, but getting RSA right is hard and SHOULD BE AVOIDED, even with the right libraries. Prefer the first two options whenever possible.

RSA Key Generation

  • Storage Format
    • Recommended: Encode in base64 with PEM format.
    • Alternatively, store in binary with DER format.
  • Bit length
    • Recommended: 2048 bits. Good balance between security and performance.
    • Alternatively, consider 3072 or 4096 for higher security. Note that this will slow down encryption/decryption.

Private key

Recommended. More modern and flexible.

openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048

The output key header will be -----BEGIN PRIVATE KEY-----.

Public key

info

The public key is derived from the private key.

Recommended: PKIX (Public Key Infrastructure) format, also known as X.509 or SPKI (Subject Public Key Info).

openssl rsa -pubout -in private_key.pem -out public_key.pem

The output key header will be -----BEGIN PUBLIC KEY-----.

RSA-KEM

High level overview:

  1. Create a random symmetric key
  2. Encrypt it with RSA public key
  3. Encrypt the data with the symmetric key
  4. Send the encrypted symmetric key and the encrypted data

RSA-OAEP

Hashing

  • SHA-256: Recommended
  • SHA-1: Cryptographically broken, and should not be used.

Padding

  • OAEP: Recommended
  • PKCS#1 v1.5: Legacy

Label

By default the label is empty, but it can be set to a specific value. Both the encryptor and decryptor must use the same label.
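The following script is an added example, not part of this page or of any project it names. It ties together the key-generation commands above, the four-step RSA-KEM overview, and the OAEP hash, padding and label settings, using only the openssl CLI: a random symmetric key is wrapped with RSA-OAEP (SHA-256 for both the hash and MGF1, with an explicit label), and the data is encrypted under that key. Because `openssl enc` offers no authenticated mode, the symmetric layer is AES-256-CBC with an HMAC-SHA256 tag checked before decryption (encrypt-then-MAC); a library with AES-GCM would replace that pairing. The function names, file names, the label value `kem-example-v1` and the sample message are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not the page's code). Hybrid "random key wrapped with RSA,
# data encrypted under that key" flow using the openssl CLI. RSA layer:
# RSA-OAEP with SHA-256 (hash and MGF1) and an explicit label. Symmetric
# layer: AES-256-CBC plus HMAC-SHA256 over IV || ciphertext, because
# `openssl enc` has no authenticated mode. Names and values are assumptions.
set -eu

# Label that encryptor and decryptor must share; openssl takes it as hex.
LABEL_HEX=$(printf 'kem-example-v1' | od -An -tx1 | tr -d ' \n')

# hex_of FILE: contents as one lowercase hex string (-v: no '*' line folding).
hex_of() { od -An -tx1 -v "$1" | tr -d ' \n'; }

# key_header FILE: first PEM line, e.g. "-----BEGIN PRIVATE KEY-----".
key_header() { head -n 1 "$1"; }

# gen_keys DIR: 2048-bit PKCS#8 private key and the SPKI public key derived from it.
gen_keys() {
  openssl genpkey -algorithm RSA -out "$1/private_key.pem" \
    -pkeyopt rsa_keygen_bits:2048 2>/dev/null
  openssl rsa -pubout -in "$1/private_key.pem" -out "$1/public_key.pem" 2>/dev/null
}

# rsa_oaep KEYFILE IN OUT LABEL_HEX -encrypt|-decrypt: one place for the OAEP
# parameters, so both sides cannot drift apart on hash, MGF1 hash or label.
rsa_oaep() {
  if [ "$5" = "-encrypt" ]; then pubflag="-pubin"; else pubflag=""; fi
  openssl pkeyutl "$5" $pubflag -inkey "$1" -in "$2" -out "$3" \
    -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 \
    -pkeyopt rsa_mgf1_md:sha256 -pkeyopt rsa_oaep_label:"$4"
}

# kem_encrypt PUB PLAINTEXT OUTDIR: writes wrapped_key.bin, iv.bin, data.enc, tag.bin.
kem_encrypt() {
  pub=$1; plaintext=$2; out=$3
  # 1. fresh random material: bytes 0-31 AES key, bytes 32-63 HMAC key
  openssl rand -out "$out/sym.bin" 64
  sym=$(hex_of "$out/sym.bin")
  enc_key=$(printf '%s' "$sym" | cut -c1-64)
  mac_key=$(printf '%s' "$sym" | cut -c65-128)
  # 2. wrap the 64 bytes with the RSA public key (2048-bit OAEP/SHA-256 allows 190)
  rsa_oaep "$pub" "$out/sym.bin" "$out/wrapped_key.bin" "$LABEL_HEX" -encrypt
  rm -f "$out/sym.bin"
  # 3. encrypt the data under the symmetric key with a random IV
  openssl rand -out "$out/iv.bin" 16
  openssl enc -aes-256-cbc -K "$enc_key" -iv "$(hex_of "$out/iv.bin")" \
    -in "$plaintext" -out "$out/data.enc"
  # 4. tag IV || ciphertext; the receiver checks it before touching the data
  cat "$out/iv.bin" "$out/data.enc" | openssl dgst -sha256 -mac HMAC \
    -macopt hexkey:"$mac_key" -binary > "$out/tag.bin"
}

# kem_decrypt PRIV INDIR PLAINTEXT_OUT [LABEL_HEX]: reverse of kem_encrypt.
# Returns 1 on a label mismatch, a damaged wrapped key, or a failed MAC check.
kem_decrypt() {
  priv=$1; in=$2; plaintext_out=$3; label=${4:-$LABEL_HEX}
  rsa_oaep "$priv" "$in/wrapped_key.bin" "$in/sym.bin" "$label" -decrypt 2>/dev/null \
    || { echo "unwrap failed (wrong key or label?)" >&2; return 1; }
  sym=$(hex_of "$in/sym.bin"); rm -f "$in/sym.bin"
  [ "${#sym}" -eq 128 ] || { echo "unexpected key length" >&2; return 1; }
  enc_key=$(printf '%s' "$sym" | cut -c1-64)
  mac_key=$(printf '%s' "$sym" | cut -c65-128)
  # verify the tag first (encrypt-then-MAC): never decrypt unauthenticated data
  cat "$in/iv.bin" "$in/data.enc" | openssl dgst -sha256 -mac HMAC \
    -macopt hexkey:"$mac_key" -binary > "$in/tag.check"
  expected=$(hex_of "$in/tag.check"); rm -f "$in/tag.check"
  [ "$(hex_of "$in/tag.bin")" = "$expected" ] \
    || { echo "MAC mismatch: ciphertext altered" >&2; return 1; }
  openssl enc -d -aes-256-cbc -K "$enc_key" -iv "$(hex_of "$in/iv.bin")" \
    -in "$in/data.enc" -out "$plaintext_out"
}

# demo: round trip on a constructed message in a temporary directory.
demo() {
  t=$(mktemp -d); mkdir "$t/enc"
  gen_keys "$t"
  key_header "$t/private_key.pem"; key_header "$t/public_key.pem"
  printf 'constructed sample message for the hybrid example\n' > "$t/msg.txt"
  kem_encrypt "$t/public_key.pem" "$t/msg.txt" "$t/enc"
  kem_decrypt "$t/private_key.pem" "$t/enc" "$t/out.txt"
  cat "$t/out.txt"
  rm -rf "$t"
}
demo
```

Two design points worth noting: the OAEP parameters live in one function so the encrypting and decrypting sides cannot disagree on hash, MGF1 hash or label (a decrypt with any other label fails at the unwrap step, which is exactly the "same label" requirement stated above), and the HMAC is verified before any decryption so a modified `data.enc` is rejected rather than fed to AES.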

☠️ AVOID THESE

  • RSA in general
  • ElGamal
  • OpenPGP, OpenSSL, BouncyCastle, etc.
