Encrypting/Decrypting using RSA and AES; standards?

Cryptography Asked by Alfe on October 24, 2021

I’m looking for a standard way of encrypting and signing a message using RSA and AES. I understand that in pseudo-code the actions taking place are like this:

Alice’s actions for sending a secret signed message to Bob:

AES = random()
message' = encrypt(message, AES)
AES' = encrypt(AES, Bob's public RSA)
messageHash = hash(message')
signature = encrypt(messageHash, Alice's private RSA)
send(Bob, AES')
send(Bob, message')
send(Bob, signature)

Bob’s actions for receiving a secret, signed message from Alice:

AES', message', signature = split(input)
AES = decrypt(AES', Bob's private RSA)
messageHash = decrypt(signature, Alice's public RSA)
receivedMessageHash = hash(message')
messageHash == receivedMessageHash? --> bail out if unequal
message = decrypt(message', AES)

So, Alice chooses a random AES key, encrypts the message with it, and sends this to Bob, along with an encrypted version of the AES key to decrypt it and a signature to prove that she is the originator.

Of course, there are other setups, like sending to multiple people or having no need for a signature or similar, but I’m looking for a kind of setup like this. Maybe I understand something wrong and my pseudo-code above lacks precision or contains a bug. It just represents my crude understanding of the matter 😉

I can do all this step by step by myself, using Python libraries like Crypto or Unix shell tools like OpenSSL.

But I’m looking for a standard way to do this, without worrying about how to implement paddings or that split() function used in the pseudo-code when receiving the message. I guess there must be a library or a toolset or whatever which does this for me and which might even allow interoperating with other programs doing similar tasks.

Questions:

  1. Is my setup described above feasible and typical? Or does it contain any logical errors, flaws, or attackable aspects?
  2. Is there such a library or toolset available as Unix command-line tools or Python libraries that do this for me?

I’d prefer to stick to RSA and AES with an option of exchanging each with any other chosen algorithm, but solutions for a fixed algorithm set would be welcome as well.

As I said, sending from Alice to Bob is my first approach, but being able to send to more than one receiver would be a nice bonus.
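The exchange described in the question, as an added example that is not part of the original post and not taken from any of the libraries or tools the question names. It is written against Go's standard library (crypto/rsa, crypto/aes, crypto/cipher) only because that needs no third-party packages; a Python or OpenSSL-based tool would follow the same structure. Where the pseudo-code says `encrypt(AES, Bob's public RSA)` the example uses RSA-OAEP, and where it says `encrypt(messageHash, Alice's private RSA)` it uses RSA-PSS, which is how the "paddings" the question worries about are handled in practice; AES runs in GCM mode so the ciphertext carries its own integrity tag. One deliberate difference from the pseudo-code: Alice's signature covers the wrapped key and the nonce together with the ciphertext, so the receiver never has to trust a key blob that the signature did not bind. The `Envelope` struct, the `Seal`/`Open` names and the sample message are constructed for this example and stand in for the `split()` step by making field boundaries explicit.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Envelope is the explicit wire format that replaces the pseudo-code's split():
// each part is a separate field instead of being parsed out of one byte stream.
type Envelope struct {
	WrappedKey []byte // AES key encrypted with RSA-OAEP to Bob's public key
	Nonce      []byte // fresh AES-GCM nonce for this message
	Ciphertext []byte // AES-GCM output (ciphertext plus authentication tag)
	Signature  []byte // RSA-PSS by Alice over WrappedKey, Nonce and Ciphertext
}

// signedDigest hashes every field the receiver relies on, length-prefixed so
// the concatenation is unambiguous. Signing only the ciphertext (as in the
// pseudo-code) would leave the wrapped key outside the signature.
func signedDigest(e *Envelope) []byte {
	h := sha256.New()
	for _, part := range [][]byte{e.WrappedKey, e.Nonce, e.Ciphertext} {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(part)))
		h.Write(n[:])
		h.Write(part)
	}
	return h.Sum(nil)
}

// Seal is Alice's side: random AES-256 key, AES-GCM encrypt, wrap the key
// for Bob with RSA-OAEP, then sign the whole envelope with RSA-PSS.
func Seal(message []byte, bobPub *rsa.PublicKey, alicePriv *rsa.PrivateKey) (*Envelope, error) {
	key := make([]byte, 32) // AES = random()
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	env := &Envelope{Nonce: make([]byte, gcm.NonceSize())}
	if _, err := rand.Read(env.Nonce); err != nil {
		return nil, err
	}
	env.Ciphertext = gcm.Seal(nil, env.Nonce, message, nil) // message' = encrypt(message, AES)
	env.WrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, bobPub, key, nil) // AES'
	if err != nil {
		return nil, err
	}
	env.Signature, err = rsa.SignPSS(rand.Reader, alicePriv, crypto.SHA256, signedDigest(env), nil)
	return env, err
}

// Open is Bob's side: verify Alice's signature before touching anything else,
// then unwrap the AES key and decrypt. Any tampering fails at the first step.
func Open(env *Envelope, bobPriv *rsa.PrivateKey, alicePub *rsa.PublicKey) ([]byte, error) {
	if err := rsa.VerifyPSS(alicePub, crypto.SHA256, signedDigest(env), env.Signature, nil); err != nil {
		return nil, errors.New("signature does not verify: bail out")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, bobPriv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil) // message = decrypt(message', AES)
}

func main() {
	// Constructed key pairs and message; real deployments load keys from files or a keystore.
	alice, _ := rsa.GenerateKey(rand.Reader, 2048)
	bob, _ := rsa.GenerateKey(rand.Reader, 2048)
	env, err := Seal([]byte("constructed sample message"), &bob.PublicKey, alice)
	if err != nil {
		panic(err)
	}
	plain, err := Open(env, bob, &alice.PublicKey)
	fmt.Printf("decrypted: %q, err: %v\n", plain, err)
}
```

The receiver verifies before decrypting, exactly as the pseudo-code's "bail out if unequal" step does, and the same envelope can be extended to several receivers by adding one `WrappedKey` per recipient public key while keeping a single signature over all of them.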
