7.10. Performing Raw Encryption with an RSA Public Key
You want to encrypt a small message using an RSA public key so that only an entity with the corresponding private key can decrypt the message.
Your cryptographic library should have a straightforward API to the RSA encryption algorithm: you should be able to give it the public key, the data to encrypt, a buffer for the results, an indication of the data’s length, and a specification as to what kind of padding to use (EME-OAEP padding is recommended).
When using OpenSSL, this can be
done with the
function, defined in
If, for some reason, you need to implement RSA on your own (which we strongly recommend against), refer to the Public Key Cryptography Standard (PKCS) #1, Version 2.1 (the latest version).
Conceptually, RSA encryption is very simple. A message is translated into an integer and encrypted with integer math. Given a message m written as an integer, if you want to encrypt to a public key, you take the modulus n and the exponent e from that public key. Then compute c = m e mod n, where c is the ciphertext, written as an integer. Given the ciphertext, you must have the private key to recover m. The private key consists of a single integer d, which can undo the encipherment with the operation m = cd mod n.
This scheme is believed to be as “hard” as factoring ...