# Large Data Not Encrypted With RSA Encryption

**My Problem:**

My encryption code ** working fine for below 64 characters**. but if it exceeds 64 character I got following error

```
javax.crypto.IllegalBlockSizeException: input must be under 64 bytes
```

**Encryption code**

```
cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
encryptedBytes = cipher.doFinal(message.getBytes(StandardCharsets.UTF_8));
rsaEncrypted= Base64.encodeToString(encryptedBytes, Base64.NO_WRAP);
```

**Key generation code**

```
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(512);
KeyPair keypair = keyGen.genKeyPair();
PublicKey pub = keypair.getPublic();
byte[] pubs = pub.getEncoded();
```

**My question:**

It's possible encrypt large text with 512 bits of keys? Any mistake in my code?

Note: If anyone want full of code I will update later.

## Answer

Here is a direct quote from the seminal book titled `Cryptography Engineering`

by Ferguson, Schneier, and Kohno,

Encrypting a message is the canonical application of RSA, yet it is

almost never used in practice. The reason is simple:the size of the message that can be encrypted using RSA is limited by the size of n. In real systems, you cannot even use all the bits, because the encoding function has an overhead. Thislimited message sizeis tooimpracticalfor most applications, and because the RSA operation isquite expensivein computational terms, you don’t want to split a message into smaller blocks and encrypt each of them with a separate RSA operation.

In other words, for a n-bit RSA key, the maximum length of data RSA can encrypt in bytes is

```
Floor(n/8) - 11
```

where 11 bytes is for padding

So for a key size of 512 bits, the maximum length of data that can be encrypted is,

```
512/8 - 11 = 53 bytes
```

Again from the book `Cryptography Engineering`

,

The solution used almost everywhere is to choose a random secret key K, and encrypt K with the RSA keys. The actual message m is then encrypted with key K using a block cipher or stream cipher. So instead of sending something like E

_{RSA}(m), you send E_{RSA}(K),E_{K}(m).

Basically, it's telling you do the following to get over the limitation of RSA,

- Generate a secret key,
`K`

using an algorithm such as AES. - Encrypt the plaintext,
`m`

, with the newly generated secret key to get cipher text, say E_{K}(m). - Encrypt the secret key a RSA public key, E
_{RSA}(K). - Sent the client the cipher text, E
_{K}(m), and the encrypted key E_{RSA}(K). - The client can decrypt E
_{RSA}(K) with the RSA private key to get`K`

. - The client then decrypt the cipher text, E
_{K}(m) with`K`

to get`m`

.

## Related Questions

- → How to update data attribute on Ajax complete
- → October CMS - Radio Button Ajax Click Twice in a Row Causes Content to disappear
- → Octobercms Component Unique id (Twig & Javascript)
- → Passing a JS var from AJAX response to Twig
- → Laravel {!! Form::open() !!} doesn't work within AngularJS
- → DropzoneJS & Laravel - Output form validation errors
- → Import statement and Babel
- → Uncaught TypeError: Cannot read property '__SECRET_DOM_DO_NOT_USE_OR_YOU_WILL_BE_FIRED' of undefined
- → React-router: Passing props to children
- → ListView.DataSource looping data for React Native
- → Can't test submit handler in React component
- → React + Flux - How to avoid global variable
- → Webpack, React & Babel, not rendering DOM