According to updated versions of Lenstra available on this site , the security level of the 4096-bit RSA key is matched by a cryptographic hash that is no longer than 248 bits, for example SHA-256.
If you use RSA OAEP (and you should), then the amount of data that you can encrypt is larger, so modulus size - 2 - 2*hash size , which is 446 bytes.
With RSA PKCS # 1 v1.5, you can encrypt no more than modulus size - 11 bytes, but RSA PKCS # 1 v1.5 provides less security (it is not secure, and the minimum number of random fill bytes must be expanded at least 16 bytes) .
If you need to encrypt more data, you should not just hack it and use RSA several times on each block. This is a security flaw. You should use a different approach, more precisely:
- Choose a random 128 bit symmetric key.
- Use authenticated mode of operation to encrypt your data (e.g. AES-128 GCM).
- Symmetric key encryption using RSA OAEP.
RSA encryption (as opposed to decryption) is pretty fast, but the time really depends on the library and the platform used. For some links, see the cryptopp library site .
SquareRootOfTwentyThree
source share