Re: Asymmetric encryption questions

From: FullMetalAnorak (ollie.riches@hotmail.com)
Date: 06/20/02 

From: "FullMetalAnorak" <ollie.riches@hotmail.com>
Date: Thu, 20 Jun 2002 15:34:58 +0100

Nice One Chad

More answers in a few lines than the whole of MSDN help....

Cheers

Ollie

"Chad Myers" <cmyers@N0.S.P4.M.austin.rr.com> wrote in message
news:#qz0SXGGCHA.1744@tkmsftngp13...
>
> "FullMetalAnorak" <ollie.riches@hotmail.com> wrote in message
> news:eKOkYLEGCHA.2544@tkmsftngp08...
> > Hi,
> >
> > I want to use public, private key encryption so after looking at the
help
> I
> > am going to use RSACryptoProvider, I see that if I want to serialize out
> the
> > public, private keys I use the method 'ExportParameters' that returns
the
> > RSAParameters object which can be serialized as XML.
> >
> > Does this contain all the information required to recreate an
> > RSACryptoProvider?
>
> Yes.
>
> >
> > Does this contain both the public and private keys?
>
> It always contains the public, but the "exportPrivateData" flag
> on the ExportParameters() method determines whether it exports
> the private key.
>
> >
> > Do I need to extract out the public key for my client or just provide
all
> > the information from the serialized object?
> >
> > Can you persist the keys generated in the RSACryptoProvider?
>
> Yes. You can write the bytes or xml to a file, however, storing private
> key data is a bad practice unless you do so according to key storage
> standards.
>
> .NET has no managed support for secure key storage. You must use
> the unmanaged Win32 CryptoAPI methods for storing keys securely.
>
> What I think you're looking to do is do key exchange. If you want
> to create an encrypted session, you should generate a keypair
> on the server, then use something like RSAOAEPKeyExchangeFormatter
> and Deformatter to properly send the server's public key to the
> client. Then, using that new RSA encrypted channel, you can send
> the session key for your TripleDES (or other symmetric alg)
> encryption session.
>
> It's not a good idea to use RSA to do full encryption as its
> slower than symmetric algorithms such as TripleDES or Rijndael.
>
> -c
>
>

Relevant Pages

  • Re: Asymmetric encryption questions
    ... >> I want to use public, private key encryption so after looking at the ... private keys I use the method 'ExportParameters' that returns ... > .NET has no managed support for secure key storage. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Asymmetric encryption questions
    ... > I want to use public, private key encryption so after looking at the help ... > am going to use RSACryptoProvider, I see that if I want to serialize out ... private keys I use the method 'ExportParameters' that returns the ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Asymmetric encryption questions
    ... >>> I want to use public, private key encryption so after looking at the ... >>> Do I need to extract out the public key for my client or just provide ... >> to create an encrypted session, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: RSA breaking vs. factoring
    ... affects the two possible usages of RSA both for encryption (first public, ... then private key) and for signing ... are identical to encryption, in reverse order. ... Digital signature generation takes an input message (which may be quite ...
    (sci.crypt)
  • Re: CryptAPI(encryption/decryption)
    ... It seems like you're missing the Base64 decode step when trying to decrypt ... I misspelled the Private Key as Primary Key. ... Is there any variation in the encryption format in openssl compared to ... "Dylan DSilva " wrote: ...
    (microsoft.public.pocketpc.developer)