Closed jimmykane closed 8 years ago
Would it not suffice just to use RSA() and the keyPair to handle encryption and decryption?
Nope.
Encrypting a large amount of text (say, 128 MB) with a given public key is actually disaster-prone.
What you end up doing is slicing your message into distinct "blocks" and then encrypting each block independently. This is painfully slow, but also, it allows an attacker to trivially reorder/drop/repeat blocks at will.
In Java, this is what you get with RSA/ECB.
What EasyRSA does instead is what's called a "hybrid cryptosystem": You encrypt the message with fast symmetric encryption, then encrypt the symmetric key using RSA. This gives you the best of several worlds:
What libsodium does in \Sodium\crypto_box_seal() is actually much easier to reason about than RSA and AES.
I am asking this because the decision to support this packaged ephemeral key only brings problems, for example the php-encryption incompatible upgrade, and beats its purpose since you don't reuse the ephemeral key (for multiple KEK).
I'm not sure what you mean.
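The difference described in the reply above, as an added example that is not part of the thread or of EasyRSA's code: RSA applied chunk by chunk accepts reordered blocks, while a hybrid construction rejects the same tampering. AES-256-GCM stands in for the symmetric layer here (an assumption; EasyRSA itself relies on php-encryption), and the key, message and function names are constructed for illustration.

```php
<?php
// Added example: constructed key and message; requires PHP's openssl extension.
$priv = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pub  = openssl_pkey_get_details($priv)['key']; // PEM-encoded public key

// RSA on every block: each 16-byte chunk is encrypted independently.
function rsaBlocksSeal(string $msg, string $pub): array {
    $out = [];
    foreach (str_split($msg, 16) as $chunk) {
        openssl_public_encrypt($chunk, $c, $pub, OPENSSL_PKCS1_OAEP_PADDING);
        $out[] = $c;
    }
    return $out;
}
function rsaBlocksOpen(array $blocks, $priv): string {
    $msg = '';
    foreach ($blocks as $c) {
        openssl_private_decrypt($c, $p, $priv, OPENSSL_PKCS1_OAEP_PADDING);
        $msg .= $p;
    }
    return $msg;
}

// Hybrid: a fresh AES-256-GCM key encrypts the message; RSA-OAEP wraps only that key.
function hybridSeal(string $msg, string $pub): array {
    $key = random_bytes(32);
    $iv  = random_bytes(12);
    $ct  = openssl_encrypt($msg, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    openssl_public_encrypt($key, $wrapped, $pub, OPENSSL_PKCS1_OAEP_PADDING);
    return [$wrapped, $iv, $ct, $tag];
}
function hybridOpen(array $box, $priv) {
    [$wrapped, $iv, $ct, $tag] = $box;
    openssl_private_decrypt($wrapped, $key, $priv, OPENSSL_PKCS1_OAEP_PADDING);
    return openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
}

$msg = 'block-one.......block-two.......block-three.....'; // three 16-byte blocks

// Swapping two RSA blocks in transit: every block still decrypts cleanly,
// so the receiver gets a different message and no error.
$blocks = rsaBlocksSeal($msg, $pub);
var_dump(rsaBlocksOpen([$blocks[1], $blocks[0], $blocks[2]], $priv));

// The same swap on the hybrid ciphertext: the GCM tag covers the whole
// message, so authentication fails and openssl_decrypt() returns false.
$box = hybridSeal($msg, $pub);
$box[2] = substr($box[2], 16, 16) . substr($box[2], 0, 16) . substr($box[2], 32);
var_dump(hybridOpen($box, $priv));
```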
Super. This clears up most of the questions I had.
Regarding the last part:
Considering the above, the hybrid cryptosystem you mentioned broke because there are no standards (php-encryption and what it does is not a standard) on the symmetric encryption part.
I kinda feel I want to say thanks, even though I had to work my \ out, because you have good quality code and I learned a lot. My 2c here.
Ah, sorry about the trouble with that.
If you need something that works without creating dependency hell, Zend\Crypt 3.1.0 offers a hybrid cryptosystem based on RSA + AES-CBC, which I personally reviewed and didn't find any vulnerabilities in it.
EasyRSA was always intended to be used with defuse v2.0.x and newer, because of a lot of subtle theoretical reasons (mostly related to birthday collision probabilities) with v1.2.1.
Yeah. The v1.2.1 was very bad as of quality, crypto and performance. Thanks for all and keep up the good work guys!
Hi there,
Great work on this repo. Though for my understanding I would like to know why, since you have a KeyPair, do you need to go into creating ephemeral keys, add symmetric encryption and complicate this?
Would it not suffice just to use RSA() and the keyPair to handle encryption and decryption?
I am asking this because the decision to support this packaged ephemeral key only brings problems, for example the php-encryption incompatible upgrade, and beats its purpose since you don't reuse the ephemeral key (for multiple KEK).
Am I missing something here?