RE: RSA Encryption

From: Shawn Farkas [MS] (shawnfa_at_online.microsoft.com)
Date: 09/30/04


Date: Wed, 29 Sep 2004 23:25:32 GMT

Usually RSA is only used for short data, and if longer data is required to
be encrypted, then RSA is used to encrypt the key for a symmetric
algorithm, which is then used to encrypt all the data.

That being said, if your password is short, then encrypting with RSA should
be fine. From a quick scan of your code I see two obvious problems.
1. You generate a new random key for both encryption and decryption -- you
need to use the same key for both operations.
2. When you store the data by going through ASCIIEncoding, you're dropping
off the highest order bit from each byte (ASCII is a 7 bit encoding). If
your goal is to store the encrypted byte array as a string, I would suggest
using Base64 encoding instead.

-Shawn
http://blogs.msdn.com/shawnfa
--
This posting is provided "AS IS" with no warranties, and confers no rights.
 

Note:
For the benefit of the community-at-large, all responses to this message
are best directed to the newsgroup/thread from which they originated.
--------------------
> From: klj_mcsd@hotmail.com (KJ)
> Newsgroups: microsoft.public.dotnet.security
> Subject: RSA Encryption
> Date: 28 Sep 2004 11:32:22 -0700
>
> Is RSA a good encryption method? Also I'm having a problem pulling the
> string out of the database and decrypting it. Please Help
>
> Code is below:
>
>
> Private Function EncryptPassword(ByVal a_Password As String) As String
>     Dim ByteConverter As New ASCIIEncoding
>     Dim dataToEncrypt As Byte() = ByteConverter.GetBytes(a_Password)
>     Dim encryptedData() As Byte
>
>     'Create a new instance of the RSACryptoServiceProvider class
>     ' and automatically create a new key-pair.
>     Dim RSAalg As New RSACryptoServiceProvider
>     Try
>         'Encrypt the byte array and specify no OAEP padding.
>         'OAEP padding is only available on Microsoft Windows XP or
>         'later.
>         encryptedData = RSAalg.Encrypt(dataToEncrypt, False)
>         'Saving this string to the database 'Should I do that?
>         Return ByteConverter.GetString(encryptedData)
>     Catch e As CryptographicException
>         'Catch this exception in case the encryption did
>         'not succeed.
>         ' Console.WriteLine(e.Message)
>     End Try
>
> End Function
>
>
> Private Function DecryptPassword(ByVal strEncryptedPassword As String) As String
>     'I'm passing the string that I stored in the database
>     Dim ByteConverter As New ASCIIEncoding
>     Dim decryptedData() As Byte
>     Dim encryptedPassword As Byte()
>     'Create a new instance of the RSACryptoServiceProvider class
>     ' and automatically create a new key-pair.
>     Dim RSAalg As New RSACryptoServiceProvider
>     Try
>         encryptedPassword = ByteConverter.GetBytes(strEncryptedPassword)
>         'Pass the data to ENCRYPT and boolean flag specifying
>         'no OAEP padding.
>         decryptedData = RSAalg.Decrypt(encryptedPassword, True)
>
>         Return ByteConverter.GetString(decryptedData)
>
>     Catch ex As CryptographicException
>         'Catch this exception in case the encryption did
>         'not succeed.
>         Throw ex
>     End Try
>
> End Function
>
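
Both fixes from the reply above, as an added VB.NET example that is not code from either poster: one key pair is generated once and reused for both operations, and the ciphertext is stored as Base64 instead of going through ASCIIEncoding. The names `RsaRoundTrip`, `keyXml` and `UseOaep` and the sample password are assumptions, and holding the exported key in a variable stands in for wherever the key is really kept; because the quoted code passes `False` to `Encrypt` but `True` to `Decrypt`, the example also uses one padding flag for both calls.

```vbnet
Imports System
Imports System.Security.Cryptography
Imports System.Text

Module RsaRoundTrip
    ' Padding flag (assumed name); it must be identical in Encrypt and Decrypt.
    Const UseOaep As Boolean = True

    ' Encrypt with the supplied key pair and return Base64 text for storage.
    Function EncryptPassword(keyXml As String, password As String) As String
        Using rsaAlg As New RSACryptoServiceProvider()
            rsaAlg.FromXmlString(keyXml)
            Dim cipher As Byte() = rsaAlg.Encrypt(Encoding.UTF8.GetBytes(password), UseOaep)
            Return Convert.ToBase64String(cipher)
        End Using
    End Function

    ' Decrypt the stored Base64 text with the same key pair and padding flag.
    Function DecryptPassword(keyXml As String, stored As String) As String
        Using rsaAlg As New RSACryptoServiceProvider()
            rsaAlg.FromXmlString(keyXml)
            Dim plain As Byte() = rsaAlg.Decrypt(Convert.FromBase64String(stored), UseOaep)
            Return Encoding.UTF8.GetString(plain)
        End Using
    End Function

    Sub Main()
        ' Constructed for the example: one key pair, created once and reused.
        Dim keyXml As String
        Using rsaAlg As New RSACryptoServiceProvider(2048)
            keyXml = rsaAlg.ToXmlString(True) ' True = include the private key
        End Using

        Dim stored As String = EncryptPassword(keyXml, "S3cret!pw")
        Console.WriteLine(DecryptPassword(keyXml, stored))

        ' The ASCII round trip from the quoted code: bytes above 0x7F do not survive.
        Dim cipher As Byte() = Convert.FromBase64String(stored)
        Dim ascii As New ASCIIEncoding()
        Dim mangled As Byte() = ascii.GetBytes(ascii.GetString(cipher))
        Dim changed As Integer = 0
        For i As Integer = 0 To cipher.Length - 1
            If cipher(i) <> mangled(i) Then changed += 1
        Next
        Console.WriteLine("{0} of {1} ciphertext bytes changed by ASCII", changed, cipher.Length)
    End Sub
End Module
```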


