Cryptography Tutorials - Herong's Tutorial Examples - Version 5.36, by Dr. Herong Yang
Cleartext Block Size for RSA Encryption
This section discusses what is the most efficient block size when dividing a Cleartext message into blocks for RSA public encryption. The suggested block size is 'floor((x-1)/8)', where 'x' is the RSA key size, or the key modulus bit length.
In the previous section, we learned how to convert a byte sequence into a positive integer, so that it can be encrypted by the RSA public key.
But what happens if the converted positive integer is too large? We know that the RSA public key encryption algorithm will not work on integers that are greater than the modulus of the RSA key.
To resolve this problem, we have to divide the cleartext byte sequence into blocks, and convert each block into a positive number smaller than the modulus of the RSA so it can be encrypted correctly. The next question is then, what block size should we use?
One option is use 1 byte as the block size. This will ensure that the converted integer is in the range of 0 and 255. Any RSA key with a modulus value greater than 255 will work on 1-byte blocks. In other words, any RSA key with a key size of 9 bites or higher will work 1-byte blocks.
However, if we have a RSA key with a much higher key size, like 2048 bites, using 1-byte blocks is not that efficient. This is because larger blocks can be used with larger keys to reduce the number of blocks to reduce the total encryption time and ciphertext data size.
Let's use a RSA key with 2048 bits with a cleartext byte sequence of 200 bytes to see the impact of using different block size.
1. If we set the block size to 1 byte, we will have:
2. If we set the block size to 200 bytes, we will have:
Obviously, using 200-bytes as the block size is much more efficient than 1-byte block size. This means the higher block size, the more efficient.
So we need to find the highest block size allowed for a given RSA key with x bits key size. This can be calculated as: "floor((x-1)/8)" in bytes. The resulting block size is at least 1 bit less than the RSA key bit length, which ensures that the integer value in each block is smaller than the key modulus.
Note that, we cannot use a block size that is the same bit length as the RSA key, because the result block may represent an integer greater than the key modulus. For example, block value 0xF0000000 is greater than a key modulus 0xEC134ECB. But their bit length is the same, 32 bits, 4 bytes.
Last update: 2013.
Table of Contents