Thank you Shachar.
 
David V.

On Dec 21, 2007 8:08 AM, Shachar Shemesh <shachar@shemesh.biz> wrote:
David V. wrote:

> Shachar,
>
> When using a 512bits RSA key with rsyncrypto I get the following error :
>
> error:0906D06C:PEM routines:PEM_read_bio:no start line:
Hmm. Yes, it seems a more descriptive error would be in order.
>
> When using a 1024bits key everything is fine.
>
The RSA key is used to encrypt the state needed for the symmetric
encryption. This state (as shown by the "key" file size) is 68 bytes
long. A 512 bits key can only reliably encrypt data that is up to 511
bits long. Since 512 bits is 64 bytes long, this key is too short to be
useful.

If you add to that the fact that we (currently) use a padding mode, you
probably need at least a 768 bit key in order to encrypt using rsyncrypto.
> I'm asking because in some contries using bigs keys is illegal.
768 bits RSA is considered fairly unsafe these days. Details on
countries that prohibit such short keys are welcome.
>
Shachar