Long string in crypting


#1

I use a solution to crypt a string that I found using OpenSSL. But the
crypted string becomes very long, too long for a varchar 255 to hold it.
What can I do to make it shorter? Or should I just use text as column in
the mysql db?

public_key_file = ‘lib/public.pem’
public_key = OpenSSL::PKey::RSA.new(File.read(public_key_file))
@encrypted_string = Base64.encode64(public_key.public_encrypt(string))


#2

Pål Bergström wrote:

I use a solution to crypt a string that I found using OpenSSL. But the
crypted string becomes very long, too long for a varchar 255 to hold it.
What can I do to make it shorter? Or should I just use text as column in
the mysql db?

public_key_file = ‘lib/public.pem’
public_key = OpenSSL::PKey::RSA.new(File.read(public_key_file))
@encrypted_string = Base64.encode64(public_key.public_encrypt(string))

It appears that you are using public/private key encryption which uses
much longer keys than symmetric encryption by necessity. Asymmetric
encryption is also very slow and more processor intensive than that of
symmetric encryption. The key advantage of asymmetric is that it
separates the public and private keys to solve the key exchange problem.

Symmetric encryption has advantage in almost every other way over
asymmetric. It’s able to use much shorter keys for equal or better
quality encryption, it’s very much faster and more efficient.

Take for example SSL, which uses asymmetric (public/private keys) to
encrypt only one small bit of data. This small bit is the shared
symmetric key that gets exchanged between the client and server. Once
both sides have this shared key then all remaining data for the session
gets encrypted with a symmetric cypher algorithm.

That’s a long winded way to say, “Do you need the secure key exchange,
or will a prearranged shared key work for your case?” If not then
switching to a symmetric algorithm will be smaller, faster and way more
efficient.


#3

Robert W. wrote:

It appears that you are using public/private key encryption which uses
much longer keys than symmetric encryption by necessity. Asymmetric
encryption is also very slow and more processor intensive than that of
symmetric encryption. The key advantage of asymmetric is that it
separates the public and private keys to solve the key exchange problem.

Symmetric encryption has advantage in almost every other way over
asymmetric. It’s able to use much shorter keys for equal or better
quality encryption, it’s very much faster and more efficient.

Take for example SSL, which uses asymmetric (public/private keys) to
encrypt only one small bit of data. This small bit is the shared
symmetric key that gets exchanged between the client and server. Once
both sides have this shared key then all remaining data for the session
gets encrypted with a symmetric cypher algorithm.

That’s a long winded way to say, “Do you need the secure key exchange,
or will a prearranged shared key work for your case?” If not then
switching to a symmetric algorithm will be smaller, faster and way more
efficient.

I need a somewhat simple encrypting method of storing data that can be
decrypted. This was the only thing I could get to work. When I try
EzCrypto I run into an error “uninitialized constant” or something.


#4

Pål Bergström wrote:

I need a somewhat simple encrypting method of storing data that can be
decrypted. This was the only thing I could get to work. When I try
EzCrypto I run into an error “uninitialized constant” or something.

What I would recommend is switching from RSA (public-key encryption) to
AES (symmetric cypher).

Try this code:

http://snippets.dzone.com/posts/show/576

I have no idea if it work I just found by Googling.


#5

Robert W. wrote:

What I would recommend is switching from RSA (public-key encryption) to
AES (symmetric cypher).

Try this code:

http://snippets.dzone.com/posts/show/576

I have no idea if it work I just found by Googling.

Great. I’ll try this.