Re: RSA Encrypt/Decrypt Problems
From: William Stacey [MVP] (staceywREMOVE_at_mvps.org)
Date: 03/20/05
- Next message: Eugene Mayevski: "Re: License File Generator Using Digital Signatures"
- Previous message: mr.mike.ward_at_gmail.com: "Re: License File Generator Using Digital Signatures"
- In reply to: Joseph MCAD: "Re: RSA Encrypt/Decrypt Problems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 19 Mar 2005 23:06:39 -0500
You can use CAPI and pinvoke if you want. But the simple class I showed
before is much simpler IMO and everything is managed code. Generate a sym
key and iv and encrypt with public key of the *receiver (i.e. A, B, or C).
You can generate a snk for each and replicate the public key part to each
other. Then sym encrypt your data with the key and iv and store in the
message. You can use SecXML in the framework to do the same thing IIRC, but
seemed more difficult then it needs to be when I looked at. Class with
three fields is pretty easy and so is the XmlSerializer to get your string
to pass. Returning the public key via some network call opens up a Man in
the middle attack unless you also secure the connection with SSL or
WS-SecureConversation before hand (put then your back to certs again). This
is primary reason certs where created. If you store the public key yourself
(and secure them for read only) on the computers, you don't need to make a
net call for the public key as you have it. Only the computer with the
matching private key can decrypt your sym key and hence decrypt your data.
You could actually do it with small blocks and only the public rsa key, but
why.
-- William Stacey, MVP http://mvp.support.microsoft.com "Joseph MCAD" <JosephMCAD@discussions.microsoft.com> wrote in message news:E3764B73-D554-402F-BCDC-0EFA7AE2AFD0@microsoft.com... > > March 19, 2005 > > That makes a lot more sense. I didn't quite understand it at first when > William Stancey suggested it. I won't be able to use CAPICOM, because I am > not familiar with marshalling in COM Interop. (If it was as simple as > referencing CAPICOM and then calling the classes as if they were .Net > Managed, then I could.) I suppose that I could expose the public key on each > computer by using .Net Remoting. (XML Web Services are out of the question, > because IIS isn't installed on all of the computers.) Then when a user wants > to send a message to another computer, the sender can query the other > computer for its public key. If the computer does not return its public key, > then I can notify the user right then that the computer might be turned off. > The user can then save his message to a file (encrypted with the symmetric > key) with the symmetric key embedded in the file and encrypted using the > public key of the user's computer. Then when the user tries to send it again, > he/she can query for the other computer public key again (and if that > succeeds), then open the file, decrypt it with the user's private key, and > then encrypt it with the other public key. Then the message can be sent. I > hope this makes sense and I am more than open to all suggestions and > comments! All of you are really helping me out! > > > Thanks again! > > Joseph MCAD > > > "Joe Kaplan (MVP - ADSI)" wrote: > > > Hi Joseph, > > > > The typical way of doing what you want to do is to generate a PKCS#7 > > enveloped data message like Mitch suggested. > > > > Essentially, it does exactly what you want. It bulk encrypts a message > > using a symmetric cipher (3DES, AES, etc.) and a randomly generated session > > key. Then, it encrypts the session key with the public key of each > > recipient of the message based on the key in their public certificate. > > Then, the enveloped data structure (in PKCS#7 format) is created which > > contains the encrypted data, information about the algorithm used, and a > > copy of the encrypted session key with information describing which > > certificate was used to encrypt it. Then, any recipient of the message who > > has the correct private key for his certificate can decrypt the session key > > and recover the original message. > > > > This is essentially how S/MIME email encryption works using certificates. > > It does require that you have the public certificate for each of your > > message recipients though. > > > > The problem is that .NET 1.1 doesn't have good support for creating > > enveloped data messages. In order to do this easily, COM interop to CAPICOM > > is the path of least resistance. It has a nice EnvelopedData class that > > works ok. It is also possible to do this with p/invoke to the CAPI API, but > > that is vastly more painful. Mitch's website has samples though. .NET 2.0 > > fixes this. > > > > What you really don't want to do is try to invent your own secure key > > exchange protocol. These things are notoriously hard to do well. > > > > And remember, anyone demonstrating a bulk encryption approach using just RSA > > is wrong. It is specifically not designed for that. RSA is for encrypting > > very tiny amounts of data (bulk encryption keys and hashes). > > > > I've over simplified in a few places, so if anyone wants to dress this up a > > bit, please feel free. > > > > Joe K. > > > > "Joseph MCAD" <JosephMCAD@discussions.microsoft.com> wrote in message > > news:AF912100-9386-46DA-9D6C-E2CDC327CB9A@microsoft.com... > > > > > > March 19, 2005 > > > > > > Thanks for everyone's help! I realize that you can exchange symmetric > > > keys with RSA and then send file to each other using the symmetric > > > algorithm. > > > I just wanted to make sure that you can't encrypt whole files using RSA > > > like > > > the examples I have seen. (The examples sure don't work when using long > > > strings! :-) ) Now that that is taken care of, I have another question. :) > > > I > > > will try to make it clear. I have three computers (Computer A which has > > > the > > > symmetric key, Computer B, and Computer C) which have to send files or > > > messages amoungst themselves, and they have to use a symmetric key. To > > > initially send B and C the key from the central computer (Computer A) I > > > want > > > to use RSA to encrypt the key. I have to assume that everyone in the > > > universe > > > has the public key. This means I cannot encrypt the key with a private key > > > on > > > A, because then everyone can decrypt the key with the public key and have > > > the > > > symmetric key. This means that I will have to encrypt it with the public > > > key, > > > and then have B and C have the private key to decrypt it. I don't trust > > > them > > > with the private key, however which creates the problem. What I am > > > thinking I > > > will do is this... I will have a unique key pair on each computer. > > > (KeyPair#1 > > > on A, #2 on B, and #3 on C ) > > > > > > Computer B & C Computer A > > > <<<------------------------------------------------ Step > > > 1 > > > ------------------------------------------------>>> Step > > > 2 > > > <<<----------------------------------------------- Step > > > 3 > > > <<<------------------------------------------->>> Step 4 > > > Step 1: Send public key#1 to computer B or C > > > Step 2: Send public key#2 or #3 (depending on computer) encrypted with > > > public key#1 > > > Step 3: Decrypt public key#2 or #3 with private key#1 and then send > > > symmetric key encrypted by public key#2 or #3 > > > Step 4: Send messages or files using symmetric key > > > > > > This seems right to me. If all of you would just validate that I > > > understand > > > it right, I would greatly appreciate it and then I can start building the > > > application! > > > > > > > > > Thanks again! > > > > > > Joseph MCAD > > > > > > > > > "Michel Gallant" wrote: > > > > > >> Typically ... RSA encryption is meant for encryption of small > > >> amounts of data (like secret symmetric keys). > > >> The related concept of enveloping (combination of bulk symmetric > > >> encryption of > > >> data, combined with RSA encryption of that secret symmetric keys to > > >> recipient(s)) > > >> is described here, with a .NET flavour: > > >> > > >> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncapi/html/encryptdecrypt2a.asp > > >> > > >> - Mitch Gallant > > >> MVP Security > > >> > > >> "William Stacey [MVP]" <staceywREMOVE@mvps.org> wrote in message > > >> news:u3c9OaGLFHA.1476@TK2MSFTNGP09.phx.gbl... > > >> > Not sure I understand you completely. If I read the post correctly, he > > >> > wants to encrypt some data on the client and send to some server. The > > >> > server will have the private key to decrypt the key and iv. This is a > > >> > normal way to do this type of thing. If he wants other, then need some > > >> > more > > >> > detail. Cheers. > > >> > > > >> > -- > > >> > William Stacey, MVP > > >> > http://mvp.support.microsoft.com > > >> > > > >> > "Cantelmo Software" <info@cantelmosoftware.com> wrote in message > > >> > news:uf7sKEGLFHA.3420@tk2msftngp13.phx.gbl... > > >> > > Hi William, > > >> > > if encrypt the simmetric-key with rsa public-key means that the > > >> > > customer > > >> > > must have the private-key for the decrypt! > > >> > > > > >> > > this goes well in the normal documents (generic data) but *not* for > > >> > > the > > >> > > applications (absolutely no!) why is possible to gain the public-key > > >> > > from > > >> > > that private-key! > > >> > > > > >> > > in the software applications (as an example in the generation of a > > >> > > serial > > >> > > number) it must be used rsa to the contrary. encrypt with the private > > >> > > key > > >> > > and decrypt with that public-key. in this way I have only the > > >> > > certainty > > >> > that > > >> > > is *not possible* to make a keygen why the private-key lacks! > > >> > > > > >> > > best regards, > > >> > > Marcello > > >> > > www.cantelmosoftware.com > > >> > > > > >> > > "William Stacey [MVP]" <staceywREMOVE@mvps.org> ha scritto nel > > >> > > messaggio > > >> > > news:uE7xfNCLFHA.2604@TK2MSFTNGP10.phx.gbl... > > >> > > >I would not break into pieces to do rsa encryption. Just use > > >> > > >Rijndael > > >> > > > encryption. Use something like so: > > >> > > > > > >> > > > public class Doc > > >> > > > { > > >> > > > public byte[] Key; > > >> > > > public byte[] IV; > > >> > > > public byte[] Data > > >> > > > } > > >> > > > > > >> > > > Then just create a Rijndael object that will have a new random key > > >> > > > and > > >> > iv. > > >> > > > Encrypt your all your data using rij (say maybe an xml doc with all > > >> > > > your > > >> > > > textbox fields as elements) and store in Data. Then encrypt your > > >> > > > key > > >> > and > > >> > > > iv > > >> > > > using the public RSA key. Then just serialize the Doc class above > > >> > > > using > > >> > > > XmlSerializer into an Xml string and send to the receiver. > > >> > > > Receiver > > >> > does > > >> > > > the reverse to get the data. No clear encryption key stored > > >> > > > anywhere > > >> > and > > >> > > > each new run will have different key and iv. hth. > > >> > > > > > >> > > > -- > > >> > > > William Stacey, MVP > > >> > > > http://mvp.support.microsoft.com > > >> > > > > > >> > > > "Joseph MCAD" <JosephMCAD@discussions.microsoft.com> wrote in > > >> > > > message > > >> > > > news:5E4D3B47-B809-43A3-A8AC-D7E461BB5E61@microsoft.com... > > >> > > >> > > >> > > >> March 18, 2005 > > >> > > >> > > >> > > >> Thanks! I have looked for a very long time for those byte > > >> > > >> length > > >> > > >> numbers! One problem though. :( If I am right, > > >> > > > Encoding.Unicode.Getbytes() > > >> > > >> converts each character to two bytes. That means that I cannot > > >> > > >> evenly > > >> > > > feed > > >> > > >> the bytes to RSA without splitting characters. Will this be a > > >> > > >> problem, > > >> > > >> and > > >> > > > am > > >> > > >> I right that .GetBytes() converts chars to two bytes? Also do you > > >> > > >> know > > >> > of > > >> > > > a > > >> > > >> way to split the UnEncrypted() byte array into blocks of 127? > > >> > > >> Right > > >> > now, > > >> > > >> I > > >> > > >> have tried to input the message into a stringreader and then read > > >> > > >> back > > >> > > > blocks > > >> > > >> of 50 chars at a time. I then convert the block of chars to bytes > > >> > > >> and > > >> > > >> feed > > >> > > >> the block of bytes to the encryptor. This works, but I for some > > >> > > >> reason > > >> > > > cannot > > >> > > >> decrypt it. (I just realized that I encrypted using the private > > >> > > >> key and > > >> > > > then > > >> > > >> decrypted using the private key. Do I have to create another rsa > > >> > > >> object > > >> > > > with > > >> > > >> JUST the public key, or can I decrypt using the same RSA since it > > >> > > >> has > > >> > > >> both > > >> > > >> the private and public key?) I guess I am just really confused and > > >> > > >> I > > >> > > > Really > > >> > > >> Appreciate your help! > > >> > > >> > > >> > > >> > > >> > > >> Joseph MCAD > > >> > > >> > > >> > > >> > > >> > > >> > > >> > > >> "Cantelmo Software" wrote: > > >> > > >> > > >> > > >> > Hi Joseph MCAD, > > >> > > >> > the size limit is: 128-11=117 bytes for PKCS#1 v 1.5 padding. > > >> > > >> > output > > >> > is > > >> > > >> > always 128 byte > > >> > > >> > > > >> > > >> > other details: > > >> > > >> > > > >> > > > > > >> > > > >> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfSystemSecurityCryptographyRSACryptoServiceProviderClassEncryptTopic.asp > > >> > > >> > > > >> > > >> > HTH > > >> > > >> > Marcello > > >> > > >> > www.cantelmosoftware.com > > >> > > >> > > > >> > > >> > try my Goliath.NET obfuscator (pre-release version) & send me > > >> > > >> > your > > >> > > > opinion > > >> > > >> > ;-) > > >> > > >> > http://xoomer.virgilio.it/cantelmosoftware/net/TryMe.zip > > >> > > >> > > > >> > > >> > > > >> > > >> > "Joseph MCAD" <JosephMCAD@discussions.microsoft.com> ha scritto > > >> > > >> > nel > > >> > > >> > messaggio > > >> > > >> > news:4CD6D9DF-D97A-444C-81D5-7FD2C57FFD21@microsoft.com... > > >> > > >> > > > > >> > > >> > > March 18, 2005 > > >> > > >> > > > > >> > > >> > > I am trying to encrypt messages typed in a textbox by > > >> > encrypting > > >> > > > them > > >> > > >> > > using RSACryptoServiceProvider. If the text is shorter than > > >> > > >> > > about > > >> > 1/2 > > >> > > > a > > >> > > >> > > sentence, then it works fine. If it is longer, say: "This is > > >> > > >> > > my > > >> > > > message. > > >> > > >> > > It > > >> > > >> > > is not very long, however.", then RSA.Encrypt(MessageBytes, > > >> > > >> > > False) > > >> > > > fails > > >> > > >> > > with > > >> > > >> > > "Bad Length". I know that RSA is usually used for encrypting > > >> > > >> > > small > > >> > > > amounts > > >> > > >> > > of > > >> > > >> > > data, such as symmetric keys, but all the examples I have seen > > >> > > >> > > haven't > > >> > > >> > > mention this. Even Microsoft's Training Kit for their > > >> > > >> > > Microsoft > > >> > > > Certified > > >> > > >> > > Professional Exam 70-330 (Implementing Application Security) > > >> > > >> > > asks > > >> > you > > >> > > > to > > >> > > >> > > build a program that encrypts entire files using RSA. Can > > >> > > >> > > anyone > > >> > > > provide a > > >> > > >> > > definite answer as to whether I can use RSA for what I am > > >> > > >> > > doing? > > >> > > > Thanks a > > >> > > >> > > lot > > >> > > >> > > for any response, as I have worked about 10 hours on this! > > >> > > >> > > > > >> > > >> > > dim message as string = "A longer string than an encryption > > >> > > >> > > key.......MessageText" > > >> > > >> > > dim unencryptedbytes() as byte = > > >> > > >> > > encoding.unicode.getbytes(message) > > >> > > >> > > dim RSA as new RSACryptoServiceProvider() > > >> > > >> > > RSA.FromXMLString(MyPrivateKey) > > >> > > >> > > dim encrypted() as byte = rsa.encrypt(unencryptedbytes, false) > > >> > > >> > > 'Errors > > >> > > >> > > here > > >> > > >> > > > > >> > > >> > > > > >> > > >> > > Joseph MCAD > > >> > > >> > > > > >> > > >> > > > > >> > > >> > > > >> > > >> > > > >> > > >> > > > >> > > > > > >> > > > > >> > > > > >> > > > >> > > >> > > >> > > > > > >
- Next message: Eugene Mayevski: "Re: License File Generator Using Digital Signatures"
- Previous message: mr.mike.ward_at_gmail.com: "Re: License File Generator Using Digital Signatures"
- In reply to: Joseph MCAD: "Re: RSA Encrypt/Decrypt Problems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
