javascript - forge.js Replicate what I do with rsa but with aes -


im using javascript library forge.js (https://github.com/digitalbazaar/forge)

rsa publickey if 896 bits in length lets me encrypt fare bit of text but, length of publickey it's self long needs.

if shorten key of 460 bits length of key ok but, limited encrypting short amount.

i features of rsa (encrypt/decrypt & sign/verify) don't length of key it's self , limit on size.

is there form of encryption better suited use?

needs:

  • a public key 20 characters long

  • to able encrypt around 140 characters

  • same or similar features rsa

i have been playing around forge aes looks encryption sort of shared thing - have 1 key (that shared?). can create cypher , decypher. don't see how work similar rsa as; rsa can share publickey , safe sign , decrypt don't see how can same current understanding of aes.

how opperate:

//make sure user has said both hasn't been tampered , var kp=forge.pki.rsa.generatekeypair({bits: 896,e:0x10001}); var m=['hi!']; m[1]=kp.privatekey.sign(forge.md.sha1.create().update(m[0],'utf8')); console.log(m); console.log(kp.publickey.verify(forge.md.sha1.create().update(m[0],'utf8').digest().bytes(),m[1])); var asked='did read this?'; var ask=kp.publickey.encrypt(asked); var read=kp.privatekey.decrypt(ask); var r=['yes!']; console.log('yes?'); r[1]=kp.privatekey.sign(forge.md.sha1.create().update(r[0],'utf8')); r[2]=kp.privatekey.sign(forge.md.sha1.create().update(read,'utf8')); console.log(kp.publickey.verify(forge.md.sha1.create().update(asked,'utf8').digest().bytes(),r[2])); 

note: need decrypt , verify try{}catch(e){} in production incase messages we're different users publickey.

so far can encrypt , decrypt basicly don't understand how turn form of cyrptography used to

//encypher letter decypher var aes=forge.pkcs5.pbkdf2('k9','kr',1000,32); var ci=forge.cipher.createcipher('aes-cbc',aes); ci.start({'iv':'k5'}); ci.update(forge.util.createbuffer('i','utf8')); ci.finish(); console.log(ci.output.tohex()); var ci=forge.cipher.createdecipher('aes-cbc',aes); ci.start({'iv':'k5'}); ci.update(forge.util.createbuffer(forge.util.hextobytes('7276131d61a323c37b5e451c3acc983e'))); ci.finish(); ci.output.tostring('utf8') //7276131d61a323c37b5e451c3acc983e //"i"  // k9 kr k5 might me mashing keyboard head btw 

no, can't use aes replacement of rsa, because noted, aes key must shared.

a 460 bit rsa key doesn't provide (any) security nowadays. can brute-forced little bit of ec2 time. recommendation use @ least 2048 bit rsa keys.

since want sign stuff, can use ecdsa based on elliptic curve cryptography (ecc) , enables use smaller keys similar security (some numbers). forge doesn't provide ecc support yet.

sjcl provides implementation of ecdsa

  • add sjcl.js, core/bn.js, core/ecc.js
  • generate keys var ecdsakeys = sjcl.ecc.ecdsa.generatekeys(256);
  • ecdsakeys.pub provides verify() function
  • ecdsakeys.sec provides sign() function
  • if need send public or secret key, need serialize yourself.

if need encryption instead of signature, use elgamal instead of ecdsa. sjcl provides that. since impossible encrypt 140 characters size of elgamal keys, need opt in hybrid encryption aes. sjcl provides authenticated modes gcm or ccm.


Comments

Popular posts from this blog

java - UnknownEntityTypeException: Unable to locate persister (Hibernate 5.0) -

python - ValueError: empty vocabulary; perhaps the documents only contain stop words -

ubuntu - collect2: fatal error: ld terminated with signal 9 [Killed] -