I´m acutally using bouncycastle library for my applications RSA crypto. My question is: When I encrypt one plaintext two times using the same key, It will lead to two different ciphertexts, so there has to be some kind of randomization in bouncycastles implementation (RSA itself is not randomized, so enc(a, k) is always the same).
Can anyone please tell me, how this is done? I found out something about crypto blinding, but it seemed for me, that I´d have to use some blinding-engine for that.
Here my Sourcecode:
private byte[] encRSA(byte[] in, java.security.PublicKey publicKey) { try { Cipher rsaCipher = Cipher.getInstance("RSA/NONE/PKCS1Padding", "BC"); rsaCipher.init(Cipher.ENCRYPT_MODE, publicKey); rsaCipher.update(in); return rsaCipher.doFinal(); } catch (Exception e) { e.printStackTrace(); } return null; }
Can anyone please help me?
Thanks!!!
Advertisement
Answer
RSA output is not random, but the PKCS1Padding is, leading to a different output each time. See RFC 3218 for more information.
The random padding is actually needed to counter attacks where an attacker could try to guess a message by encrypting one and comparing to the encrypted output he intercepted.