AFAIK, RSA isn't supposed to be used as a message encryption system. Instead, it (asymmetric) is better when combined with a symmetric system, forming a hybrid cryptosystem.
As defined by Wikipedia:
A hybrid cryptosystem can be constructed using any two separate cryptosystems:
- a key encapsulation scheme, which is a public-key cryptosystem, and
- a data encapsulation scheme, which is a symmetric-key cryptosystem.
Hybrid Cryptosystem Proposal
I propose we move away from RSA and instead use the following scheme:
- Alice, Bob, and Charlie agree on a finite, cyclical group G of order n with generator g and modulo p.
- Alice, Bob, and Carol each generate a random natural number a, b, and c respectively such that they are greater than 0 and less than n
- Alice, Bob, and Carol join the server, registering their public keys g^a and the server broadcasts these public keys to all participants.
- Alice wants to send a message to Bob, so she calculates (g^b)^a.
- Alice utilizes AES with (g^b)^a as the secret key to encrypt message m -> c_b.
- Alice broadcasts
[BOB_PUBLIC_KEY][ALICE_PUBLIC_KEY]: c_b.
- Bob receives Alice's message, calculates (g^a)^b and decrypts c_b.
References:
AFAIK, RSA isn't supposed to be used as a message encryption system. Instead, it (asymmetric) is better when combined with a symmetric system, forming a hybrid cryptosystem.
As defined by Wikipedia:
Hybrid Cryptosystem Proposal
I propose we move away from RSA and instead use the following scheme:
[BOB_PUBLIC_KEY][ALICE_PUBLIC_KEY]: c_b.References: